Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-1965
HistoryJul 17, 2012 - 12:00 a.m.

CVE-2012-1965

2012-07-1700:00:00
ubuntu.com
ubuntu.com
11

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.0%

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not
properly establish the security context of a feed: URL, which allows remote
attackers to bypass unspecified cross-site scripting (XSS) protection
mechanisms via a feed:javascript: URL.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchfirefox< 14.0.1+build1-0ubuntu0.10.04.1UNKNOWN
ubuntu11.04noarchfirefox< 14.0.1+build1-0ubuntu0.11.04.1UNKNOWN
ubuntu11.10noarchfirefox< 14.0.1+build1-0ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchfirefox< 14.0.1+build1-0ubuntu0.12.04.1UNKNOWN

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.0%