9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.445 Medium
EPSS
Percentile
97.4%
The Mozilla Project reports:
MFSA 2012-13 XSS with Drag and Drop and Javascript: URL
MFSA 2012-14 SVG issues found with Address Sanitizer
MFSA 2012-15 XSS with multiple Content Security Policy headers
MFSA 2012-16 Escalation of privilege with Javascript: URL as home page
MFSA 2012-17 Crash when accessing keyframe cssText after dynamic modification
MFSA 2012-18 window.fullScreen writeable by untrusted content
MFSA 2012-19 Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 10.0.3,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 10.0.3,1 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.8 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 10.0.3 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.8 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 10.0.3 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 1.9.2.28 | UNKNOWN |
www.mozilla.org/security/announce/2012/mfsa2012-13.html
www.mozilla.org/security/announce/2012/mfsa2012-14.html
www.mozilla.org/security/announce/2012/mfsa2012-15.html
www.mozilla.org/security/announce/2012/mfsa2012-16.html
www.mozilla.org/security/announce/2012/mfsa2012-17.html
www.mozilla.org/security/announce/2012/mfsa2012-18.html
www.mozilla.org/security/announce/2012/mfsa2012-19.html