Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through
11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0,
Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote
attackers to inject arbitrary web script or HTML via a multibyte character
set.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | firefox | <Β 12.0+build1-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 11.04 | noarch | firefox | <Β 12.0+build1-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | firefox | <Β 12.0+build1-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | firefox | <Β 12.0+build1-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 10.04 | noarch | thunderbird | <Β 12.0.1+build1-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 11.04 | noarch | thunderbird | <Β 12.0.1+build1-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | thunderbird | <Β 12.0.1+build1-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | thunderbird | <Β 12.0.1+build1-0ubuntu0.12.04.1 | UNKNOWN |
www.mozilla.org/security/announce/2012/mfsa2012-24.html
bugzilla.mozilla.org/show_bug.cgi?id=715319
launchpad.net/bugs/cve/CVE-2012-0471
nvd.nist.gov/vuln/detail/CVE-2012-0471
security-tracker.debian.org/tracker/CVE-2012-0471
ubuntu.com/security/notices/USN-1430-1
ubuntu.com/security/notices/USN-1430-3
www.cve.org/CVERecord?id=CVE-2012-0471