Lucene search

K

MitreCVELIST:CVE-2012-4208

HistoryNov 21, 2012 - 11:00 a.m.

CVE-2012-4208

2012-11-2111:00:00

mitre

www.cve.org

5

AI Score

8.3

Confidence

High

EPSS

0.002

Percentile

56.7%

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.

References

lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html

lists.opensuse.org/opensuse-updates/2012-11/msg00090.html

lists.opensuse.org/opensuse-updates/2012-11/msg00092.html

lists.opensuse.org/opensuse-updates/2012-11/msg00093.html

secunia.com/advisories/51369

secunia.com/advisories/51370

secunia.com/advisories/51381

secunia.com/advisories/51434

secunia.com/advisories/51439

secunia.com/advisories/51440

www.mozilla.org/security/announce/2012/mfsa2012-99.html

www.securityfocus.com/bid/56627

www.ubuntu.com/usn/USN-1636-1

www.ubuntu.com/usn/USN-1638-1

www.ubuntu.com/usn/USN-1638-2

www.ubuntu.com/usn/USN-1638-3

bugzilla.mozilla.org/show_bug.cgi?id=798264

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16695

AI Score

8.3

Confidence

High

EPSS

0.002

Percentile

56.7%

Related for CVELIST:CVE-2012-4208

ubuntucve1 nvd1 prion1 cve1 mozilla1 openvas20 nessus23 ubuntu4 suse3 securityvulns1 freebsd1 gentoo1 osv2