Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60435
HistoryOct 14, 2012 - 12:00 a.m.

Mozilla Firefox 16 Reader Mode 跨站脚本执行漏洞 (CVE-2012-3987)

2012-10-1400:00:00
Root
www.seebug.org
17

0.005 Low

EPSS

Percentile

72.3%

JSON

BUGTRAQ ID: 55856
CVE ID: CVE-2012-3987

Firefox是一款非常流行的开源WEB浏览器。SeaMonkey是开源的Web浏览器、邮件和新闻组客户端、IRC会话客户端和HTML编辑器。

Mozilla Firefox 16存在安全漏洞,当一个页面转变到Reader Mode时,结果页面会具有chrome权限,其内容也未被完全过滤。这可导致跨脚本执行攻击,以获取Android设备上的Firefox权限。
0
Mozilla Firefox 16
厂商补丁:

Mozilla

Mozilla已经为此发布了一个安全公告(mfsa2012-78)以及相应补丁:
mfsa2012-78:Reader Mode pages have chrome privileges

链接:http://www.mozilla.org/security/announce/2012/mfsa2012-78.html

Related

prion 1
cve 1
mozilla 1
openvas 3
suse 1
nessus 9
freebsd 1
securityvulns 1
prion
prion
Design/Logic Flaw
2012-10-10 17:55:00
cve
cve
CVE-2012-3987
2012-10-10 17:55:00
mozilla
mozilla
Reader Mode pages have chrome privileges — Mozilla
2012-10-09 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:1351-1)
2021-06-09 00:00:00
FreeBSD Ports: firefox
2012-10-13 00:00:00
FreeBSD Ports: firefox
2012-10-13 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2012-10-16 22:08:48
nessus
nessus
Mozilla SeaMonkey 2.x < 2.13 Multiple Vulnerabilities
2012-10-16 00:00:00
Mozilla Firefox 15.x <= 15 Multiple Vulnerabilities
2012-10-16 00:00:00
Mozilla Thunderbird < 16.0.1 Multiple Vulnerabilities
2012-10-16 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-10-09 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-10-29 00:00:00

0.005 Low

EPSS

Percentile

72.3%

JSON
Related for SSV:60435
prion1cve1mozilla1openvas3suse1nessus9freebsd1securityvulns1