Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable6519.PRM
HistoryJul 23, 2012 - 12:00 a.m.

Mozilla Firefox < 14.0 Multiple Vulnerabilities

2012-07-2300:00:00
Tenable
www.tenable.com
6
JSON

Versions of Firefox prior to 14.0 are potentially affected by the following security issues :

  • Several memory safety issues exist, some of which could potentially allow arbitrary code execution. (CVE-2012-1948, CVE-2012-1949)
  • An error related to drag and drop can allow incorrect URLs to be displayed. (CVE-2012-1950)
  • Several memory safety issues exist related to the Gecko layout engine. (CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954)
  • An error related to JavaScript functions β€˜history.forward’ and β€˜history.back’ can allow incorrect URLs to be displayed. (CVE-2012-1955)
  • Cross-site scripting attacks are possible due to an error related to the β€˜<embed>’ tag within an RSS β€˜<description>’ element. (CVE-2012-1957)
  • A use-after-free error exists related to the method β€˜nsGlobalWindow::PageHidden’. (CVE-2012-1958)
  • An error exists that can allow β€˜same-compartment security wrappers’ (SCSW) to be bypassed. (CVE-2012-1959)
  • An out-of-bounds read error exists related to the color management library (QCMS). (CVE-2012-1960)
  • The β€˜X-Frames-Options’ header is ignored if it is duplicated. (CVE-2012-1961)
  • A memory corruption error exists related to the method β€˜JSDependentString::undepend’. (CVE-2012-1962)
  • An error related to the β€˜Content Security Policy’ (CSP) implementation can allow the disclosure of OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963)
  • An error exists related to the β€˜feed:’ URL that can allow cross-site scripting attacks. (CVE-2012-1965)
  • Cross-site scripting attacks are possible due to an error related to the β€˜data:’ URL and context menus. (CVE-2012-1966)
  • An error exists related to the β€˜javascript:’ URL that can allow scripts to run at elevated privileges outside the sandbox. (CVE-2012-1967)
Binary data 6519.prm
VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

References

Related

nessus 36
openvas 53
ubuntu 3
suse 6
oraclelinux 2
freebsd 1
veracode 17
centos 2
redhat 2
securityvulns 1
osv 3
debian 3
mozilla 14
prion 18
cve 18
ubuntucve 18
checkpoint_advisories 1
seebug 1
nessus
nessus
Mozilla Firefox 13.x < 13 Multiple Vulnerabilities
2012-07-23 00:00:00
Firefox < 14.0 Multiple Vulnerabilities (Mac OS X)
2012-07-19 00:00:00
Mozilla Thunderbird < 14.0 Multiple Vulnerabilities
2012-07-23 00:00:00
openvas
openvas
openSUSE: Security Advisory for seamonkey (openSUSE-SU-2012:0935-1)
2012-12-13 00:00:00
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2012:0917-1)
2012-12-13 00:00:00
SuSE Update for seamonkey openSUSE-SU-2012:0935-1 (seamonkey)
2012-12-13 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-07-17 00:00:00
Firefox vulnerabilities
2012-07-17 00:00:00
ubufox update
2012-07-18 00:00:00
suse
suse
xulrunner to 14.0.1 (critical)
2012-07-30 17:08:56
MozillaFirefox to 14.0.1 (critical)
2012-07-23 14:08:16
seamonkey: Update to Seamonkey 2.11 (important)
2012-08-01 18:08:34
oraclelinux
oraclelinux
firefox security update
2012-07-17 00:00:00
thunderbird security update
2012-07-17 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-07-17 00:00:00
veracode
veracode
Use-After-Free (UAF)
2019-05-02 04:42:25
Cross Site Scripting (XSS)
2019-05-02 04:42:29
Denial Of Service (DoS)
2019-05-02 04:42:25
centos
centos
firefox, xulrunner security update
2012-07-17 20:41:16
thunderbird security update
2012-07-17 21:25:02
redhat
redhat
(RHSA-2012:1088) Critical: firefox security update
2012-07-17 00:00:00
(RHSA-2012:1089) Critical: thunderbird security update
2012-07-17 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-08-13 00:00:00
osv
osv
iceweasel - several vulnerabilities
2012-07-17 00:00:00
icedove - several
2012-08-14 00:00:00
iceape - several vulnerabilities
2012-07-17 00:00:00
debian
debian
[SECURITY] [DSA 2514-1] iceweasel security update
2012-07-17 20:03:42
[SECURITY] [DSA 2528-1] icedove security update
2012-08-14 19:26:36
[SECURITY] [DSA 2513-1] iceape security update
2012-07-17 19:47:49
mozilla
mozilla
Gecko memory corruption β€” Mozilla
2012-07-17 00:00:00
Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6) β€” Mozilla
2012-07-17 00:00:00
Content Security Policy 1.0 implementation errors cause data leakage β€” Mozilla
2012-07-17 00:00:00
prion
prion
Design/Logic Flaw
2012-07-18 10:26:00
Heap overflow
2012-07-18 10:26:00
Design/Logic Flaw
2012-07-18 10:26:00
cve
cve
CVE-2012-1963
2012-07-18 10:26:00
CVE-2012-1951
2012-07-18 10:26:00
CVE-2012-1953
2012-07-18 10:26:00
ubuntucve
ubuntucve
CVE-2012-1949
2012-07-17 00:00:00
CVE-2012-1948
2012-07-17 00:00:00
CVE-2012-1951
2012-07-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products Table Frames Memory Corruption (CVE-2012-1952)
2012-10-14 00:00:00
seebug
seebug
Mozilla Firefoxθ·¨η«™θ„šζœ¬ζ‰§θ‘ŒζΌζ΄ž(CVE-2012-1966)
2012-07-20 00:00:00
JSON
Related for 6519.PRM
nessus36openvas53ubuntu3suse6oraclelinux2freebsd1veracode17centos2redhat2securityvulns1osv3debian3mozilla14prion18cve18ubuntucve18checkpoint_advisories1seebug1