Lucene search
Ubuntu.comUB:CVE-2012-1957HistoryJul 17, 2012 - 12:00 a.m.
CVE-2012-1957
2012-07-1700:00:00
ubuntu.com
ubuntu.com
17
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.004
Percentile
73.4%
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0,
Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird
ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle
EMBED elements within description elements in RSS feeds, which allows
remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 14.0.1+build1-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | firefox | < 14.0.1+build1-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | firefox | < 14.0.1+build1-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | firefox | < 14.0.1+build1-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | thunderbird | < 14.0+build1-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | thunderbird | < 14.0+build1-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | thunderbird | < 14.0+build1-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 14.0+build1-0ubuntu0.12.04.1 | UNKNOWN |
References
Related
prion
prion
Cross site scripting
2012-07-18 10:26:00
nvd
nvd
CVE-2012-1957
2012-07-18 10:26:48
cve
cve
CVE-2012-1957
2012-07-18 10:26:48
mozilla
mozilla
Improper filtering of javascript in HTML feed-view — Mozilla
2012-07-17 00:00:00
cvelist
cvelist
CVE-2012-1957
2012-07-18 10:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-47) - Linux
2021-11-11 00:00:00
Ubuntu: Security Advisory (USN-1509-2)
2012-07-19 00:00:00
Mozilla Products Multiple Vulnerabilities - July12 (Mac OS X)
2012-07-23 00:00:00
suse
suse
MozillaThunderbird: update to Thunderbird 14.0 (important)
2012-07-27 13:08:18
seamonkey: Update to Seamonkey 2.11 (important)
2012-08-01 18:08:34
Security update for Mozilla Firefox (important)
2012-07-21 01:08:17
nessus
nessus
Thunderbird 10.0.x < 10.0.6 Multiple Vulnerabilities (Mac OS X)
2012-07-19 00:00:00
Mozilla Thunderbird 10.0.x < 10.0.6 Multiple Vulnerabilities
2012-07-19 00:00:00
Mozilla Thunderbird < 14.0 Multiple Vulnerabilities
2012-07-23 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2012-07-17 00:00:00
firefox security update
2012-07-17 00:00:00
redhat
redhat
(RHSA-2012:1089) Critical: thunderbird security update
2012-07-17 00:00:00
(RHSA-2012:1088) Critical: firefox security update
2012-07-17 00:00:00
centos
centos
thunderbird security update
2012-07-17 21:25:02
firefox, xulrunner security update
2012-07-17 20:41:16
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-07-17 00:00:00
Firefox vulnerabilities
2012-07-17 00:00:00
ubufox update
2012-07-18 00:00:00
veracode
veracode
Spoofing Vulnerability
2019-05-02 04:42:26
Use-After-Free (UAF)
2019-05-02 04:42:25
Denial Of Service (DoS)
2019-05-02 04:42:25
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-07-17 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
osv
osv
MozillaThunderbird-45.5.1-1.1 on GA media
2024-06-15 00:00:00
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.004
Percentile
73.4%
Related for UB:CVE-2012-1957