Lucene search
Mozilla FoundationMFSA2012-101HistoryNov 20, 2012 - 12:00 a.m.
Improper character decoding in HZ-GB-2312 charset — Mozilla
2012-11-2000:00:00
Mozilla Foundation
www.mozilla.org
31
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
70.8%
Security researcher Masato Kinugawa found when HZ-GB-2312 charset encoding is used for text, the “~” character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312.
Affected configurations
Node
mozillafirefoxRange<17
ORmozillafirefox_esrRange<10.0.11
ORmozillaseamonkeyRange<2.14
ORmozillathunderbirdRange<17
ORmozillathunderbird_esrRange<10.0.11
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
| mozilla | seamonkey | * | cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
| mozilla | thunderbird_esr | * | cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2012-11-21 12:55:00
nvd
nvd
CVE-2012-4207
2012-11-21 12:55:02
ubuntucve
ubuntucve
CVE-2012-4207
2012-11-21 00:00:00
cve
cve
CVE-2012-4207
2012-11-21 12:55:02
cvelist
cvelist
CVE-2012-4207
2012-11-21 11:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-101) - Linux
2021-11-11 00:00:00
Debian: Security Advisory (DSA-2583-1)
2013-09-18 00:00:00
Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities)
2013-09-18 00:00:00
debian
debian
[SECURITY] [DSA 2583-1] iceweasel security update
2012-12-08 12:05:22
[SECURITY] [DSA 2588-1] icedove security update
2012-12-16 13:09:41
[SECURITY] [DSA 2584-1] iceape security update
2012-12-08 14:05:02
osv
osv
iceape - several
2012-12-08 00:00:00
iceweasel - several
2012-12-08 00:00:00
icedove - several
2012-12-16 00:00:00
nessus
nessus
Debian DSA-2584-1 : iceape - several vulnerabilities
2012-12-09 00:00:00
Debian DSA-2588-1 : icedove - several vulnerabilities
2012-12-17 00:00:00
Debian DSA-2583-1 : iceweasel - several vulnerabilities
2012-12-09 00:00:00
centos
centos
thunderbird security update
2012-11-22 02:10:10
firefox, xulrunner security update
2012-11-22 02:03:00
redhat
redhat
(RHSA-2012:1483) Critical: thunderbird security update
2012-11-20 00:00:00
(RHSA-2012:1482) Critical: firefox security update
2012-11-20 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2012-11-20 00:00:00
firefox security update
2012-11-20 00:00:00
veracode
veracode
Arbitrary Code Execution Or Denial Of Service (DoS)
2019-05-02 04:41:13
Arbitrary Code Execution Or Denial Of Service (DoS)
2019-05-02 04:41:16
Arbitrary Code Execution
2019-05-02 04:41:11
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-11-21 00:00:00
ubufox update
2012-11-21 00:00:00
Firefox vulnerabilities
2012-11-21 00:00:00
suse
suse
security update to Firefox 17.0 and other Mozilla based packages (important)
2013-01-23 14:07:31
Security update for Mozilla Firefox (important)
2012-11-29 01:08:52
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-12-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-11-20 00:00:00
ibm
ibm
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
70.8%
Related for MFSA2012-101