Lucene search
Ubuntu.comUB:CVE-2012-4196HistoryOct 26, 2012 - 12:00 a.m.
CVE-2012-4196
2012-10-2600:00:00
ubuntu.com
ubuntu.com
9
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
80.4%
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird
before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before
2.13.2 allow remote attackers to bypass the Same Origin Policy and read the
Location object via a prototype property-injection attack that defeats
certain protection mechanisms for this object.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | xulrunner-1.9.2 unmaintained upstream (see README.mozilla for details) |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 16.0.2+build1-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | firefox | < 16.0.2+build1-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | firefox | < 16.0.2+build1-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | firefox | < 16.0.2+build1-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | firefox | < 16.0.2+build1-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | firefox | < 17.0~b1+build1-0ubuntu1 | UNKNOWN |
| ubuntu | 13.10 | noarch | firefox | < 17.0~b1+build1-0ubuntu1 | UNKNOWN |
| ubuntu | 10.04 | noarch | thunderbird | < 16.0.2+build1-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | thunderbird | < 16.0.2+build1-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 16.0.2+build1-0ubuntu0.12.04.1 | UNKNOWN |
References
Related
prion
prion
Code injection
2012-10-29 18:55:00
cvelist
cvelist
CVE-2012-4196
2012-10-29 18:00:00
cve
cve
CVE-2012-4196
2012-10-29 18:55:01
nvd
nvd
CVE-2012-4196
2012-10-29 18:55:01
nessus
nessus
Firefox < 10.0.10 Multiple Vulnerabilities (Mac OS X)
2012-10-29 00:00:00
Thunderbird 10.x < 10.0.10 Multiple Vulnerabilities (Mac OS X)
2012-10-29 00:00:00
Mozilla Thunderbird 10.x < 10.0.10 Multiple Vulnerabilities
2012-10-29 00:00:00
suse
suse
Mozilla Suite: Update to 16.0.2 (important)
2012-10-30 01:08:34
Security update for Mozilla Firefox (important)
2012-10-31 22:08:42
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
openvas
openvas
Ubuntu Update for thunderbird USN-1620-2
2012-10-31 00:00:00
Mozilla Firefox Multiple Vulnerabilities - November12 (Windows)
2012-11-02 00:00:00
RedHat Update for thunderbird RHSA-2012:1413-01
2012-11-02 00:00:00
redhat
redhat
(RHSA-2012:1413) Important: thunderbird security update
2012-10-29 00:00:00
(RHSA-2012:1407) Critical: firefox security update
2012-10-26 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-10-26 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2012-10-29 00:00:00
firefox security update
2012-10-26 00:00:00
centos
centos
thunderbird security update
2012-10-30 03:07:34
firefox, xulrunner security update
2012-10-27 02:12:20
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:43:52
Same-Origin Policy Bypass
2019-05-02 04:43:52
mozilla
mozilla
Fixes for Location object issues — Mozilla
2012-10-26 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2012-10-26 00:00:00
Thunderbird vulnerabilities
2012-10-30 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-10-29 00:00:00
ibm
ibm
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
80.4%
Related for UB:CVE-2012-4196