Mozilla Firefox Security Advisory for Linux. Missing update for Firefox version(s) below 12 due to page load short-circuit leading to XSS
Reporter | Title | Published | Views | Family All 92 |
---|---|---|---|---|
![]() | CVE-2012-0474 | 25 Apr 201210:00 | – | cvelist |
![]() | CVE-2012-0474 | 25 Apr 201200:00 | – | ubuntucve |
![]() | Cross site scripting | 25 Apr 201210:10 | – | prion |
![]() | Page load short-circuit can lead to XSS — Mozilla | 24 Apr 201200:00 | – | mozilla |
![]() | CVE-2012-0474 | 25 Apr 201210:10 | – | cve |
![]() | CVE-2012-0474 | 25 Apr 201210:10 | – | nvd |
![]() | Cross-site Scripting (XSS) | 10 Apr 202001:09 | – | veracode |
![]() | Mozilla Products Multiple Vulnerabilities (May 2012) - Mac OS X | 2 May 201200:00 | – | openvas |
![]() | Ubuntu: Security Advisory (USN-1430-2) | 30 Apr 201200:00 | – | openvas |
![]() | Mozilla Products Multiple Vulnerabilities - May12 (Mac OS X) | 2 May 201200:00 | – | openvas |
Source | Link |
---|---|
bugzilla | www.bugzilla.mozilla.org/buglist.cgi |
mozilla | www.mozilla.org/en-US/security/advisories/mfsa2012-27/ |
# Copyright (C) 2021 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
CPE = "cpe:/a:mozilla:firefox";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.2.1.2012.27");
script_cve_id("CVE-2012-0474");
script_tag(name:"creation_date", value:"2021-11-11 09:42:47 +0000 (Thu, 11 Nov 2021)");
script_version("2021-11-15T10:21:31+0000");
script_tag(name:"last_modification", value:"2021-11-15 10:21:31 +0000 (Mon, 15 Nov 2021)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_name("Mozilla Firefox Security Advisory (MFSA2012-27) - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone Networks GmbH");
script_family("General");
script_dependencies("gb_firefox_detect_lin.nasl");
script_mandatory_keys("mozilla/firefox/linux/detected");
script_xref(name:"Advisory-ID", value:"MFSA2012-27");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-27/");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/buglist.cgi?bug_id=687745,737307");
script_tag(name:"summary", value:"This host is missing a security update for Mozilla Firefox.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Page load short-circuit can lead to XSS
Security researchers Jordi Chancel and Eddy
Bordi reported that they could short-circuit page loads to show the
address of a different site than what is loaded in the window in the addressbar.
Security researcher Chris McGowen independently reported the
same flaw, and further demonstrated that this could lead to loading scripts from
the attacker's site, leaving users vulnerable to cross-site scripting (XSS)
attacks.");
script_tag(name:"affected", value:"Firefox version(s) below 12.");
script_tag(name:"solution", value:"The vendor has released an update. Please see the reference(s) for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version_unreliable");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if (!infos = get_app_version_and_location(cpe: CPE, exit_no_version: TRUE))
exit(0);
version = infos["version"];
location = infos["location"];
if (version_is_less(version: version, test_version: "12")) {
report = report_fixed_ver(installed_version: version, fixed_version: "12", install_path: location);
security_message(port: 0, data: report);
exit(0);
}
exit(99);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo