Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-4192
HistoryOct 10, 2012 - 12:00 a.m.

CVE-2012-4192

2012-10-1000:00:00
ubuntu.com
ubuntu.com
16

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.084

Percentile

94.4%

Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote
attackers to bypass the Same Origin Policy and read the properties of a
Location object via a crafted web site, a related issue to CVE-2012-4193.

Notes

Author Note
jdstrand Mozilla plans push out on 2012-10-11.
micahg this CVE was for the 16 regression
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchfirefox< 16.0.1+build1-0ubuntu0.10.04.1UNKNOWN
ubuntu11.04noarchfirefox< 16.0.1+build1-0ubuntu0.11.04.1UNKNOWN
ubuntu11.10noarchfirefox< 16.0.1+build1-0ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchfirefox< 16.0.1+build1-0ubuntu0.12.04.1UNKNOWN

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.084

Percentile

94.4%