Lucene search
Mozilla FoundationMFSA2012-103HistoryNov 20, 2012 - 12:00 a.m.
Frames can shadow top.location — Mozilla
2012-11-2000:00:00
Mozilla Foundation
www.mozilla.org
17
0.002 Low
EPSS
Percentile
57.5%
Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location with a frame whose name attribute’s value is set to “top”. This can allow for possible cross-site scripting (XSS) attacks through plugins.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 17 | |
| firefox esr | lt | 10.0.11 | |
| seamonkey | lt | 2.14 | |
| thunderbird | lt | 17 | |
| thunderbird esr | lt | 10.0.11 |
Related
veracode
veracode
Cross Site Scripting (XSS)
2019-05-02 04:41:12
Arbitrary Code Execution Or Denial Of Service (DoS)
2019-05-02 04:41:16
Remote Code Execution (RCE)
2019-05-02 04:41:16
cvelist
cvelist
CVE-2012-4209
2012-11-21 11:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-103) - Linux
2021-11-11 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Nov 2012) - Windows
2012-11-26 00:00:00
Mozilla Firefox Multiple Vulnerabilities-01 November12 (Windows)
2012-11-26 00:00:00
ubuntucve
ubuntucve
CVE-2012-4209
2012-11-21 00:00:00
prion
prion
Cross site scripting
2012-11-21 12:55:00
cve
cve
CVE-2012-4209
2012-11-21 12:55:00
redhat
redhat
(RHSA-2012:1483) Critical: thunderbird security update
2012-11-20 00:00:00
(RHSA-2012:1482) Critical: firefox security update
2012-11-20 00:00:00
nessus
nessus
RHEL 5 / 6 : thunderbird (RHSA-2012:1483)
2012-11-21 00:00:00
CentOS 5 / 6 : thunderbird (CESA-2012:1483)
2012-11-23 00:00:00
Thunderbird 10.x < 10.0.11 Multiple Vulnerabilities (Mac OS X)
2012-11-21 00:00:00
centos
centos
thunderbird security update
2012-11-22 02:10:10
firefox, xulrunner security update
2012-11-22 02:03:00
oraclelinux
oraclelinux
thunderbird security update
2012-11-20 00:00:00
firefox security update
2012-11-20 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-11-21 00:00:00
ubufox update
2012-11-21 00:00:00
Firefox vulnerabilities
2012-11-21 00:00:00
suse
suse
security update to Firefox 17.0 and other Mozilla based packages (important)
2013-01-23 14:07:31
Security update for Mozilla Firefox (important)
2012-11-29 01:08:52
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-12-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-11-20 00:00:00
ibm
ibm
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00