Lucene search
Ubuntu.comUB:CVE-2012-0475HistoryApr 25, 2012 - 12:00 a.m.
CVE-2012-0475
2012-04-2500:00:00
ubuntu.com
ubuntu.com
10
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.01
Percentile
83.3%
Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and
SeaMonkey before 2.9 do not properly construct the Origin and
Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to
bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2)
WebSocket operation involving a nonstandard port number and an IPv6 address
that contains certain zero fields.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 12.0+build1-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | firefox | < 12.0+build1-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | firefox | < 12.0+build1-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | firefox | < 12.0+build1-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | thunderbird | < 12.0.1+build1-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | thunderbird | < 12.0.1+build1-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | thunderbird | < 12.0.1+build1-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 12.0.1+build1-0ubuntu0.12.04.1 | UNKNOWN |
References
Related
nvd
nvd
CVE-2012-0475
2012-04-25 10:10:17
openvas
openvas
Mozilla Products Security Bypass Vulnerability (May 2012) - Windows
2012-05-02 00:00:00
Mozilla Products Security Bypass Vulnerability - May12 (Mac OS X)
2012-05-02 00:00:00
Mozilla Firefox Security Advisory (MFSA2012-28) - Linux
2021-11-11 00:00:00
cvelist
cvelist
CVE-2012-0475
2012-04-25 10:00:00
prion
prion
Cross site scripting
2012-04-25 10:10:00
cve
cve
CVE-2012-0475
2012-04-25 10:10:17
mozilla
mozilla
ubuntu
ubuntu
Firefox vulnerabilities
2012-04-27 00:00:00
ubufox update
2012-04-27 00:00:00
Thunderbird vulnerabilities
2012-05-04 00:00:00
nessus
nessus
Ubuntu 10.04 LTS / 11.04 / 11.10 : ubufox update (USN-1430-2)
2012-04-30 00:00:00
Firefox < 12.0 Multiple Vulnerabilities (Mac OS X)
2012-04-27 00:00:00
Thunderbird < 12.0 Multiple Vulnerabilities (Mac OS X)
2012-04-27 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2012-06-02 02:08:30
Security update for Mozilla Firefox (important)
2012-05-02 19:08:16
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-04-24 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-05-09 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.01
Percentile
83.3%
Related for UB:CVE-2012-0475