CVE-2012-0446

2012-02-01T16:55:00
ID CVE-2012-0446
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:34:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.