Lucene search
Ubuntu.comUB:CVE-2012-4208HistoryNov 21, 2012 - 12:00 a.m.
CVE-2012-4208
2012-11-2100:00:00
ubuntu.com
ubuntu.com
11
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.002
Percentile
56.7%
The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird
before 17.0, and SeaMonkey before 2.14 does not consider the compartment
during property filtering, which allows remote attackers to bypass intended
chrome-only restrictions on reading DOM object properties via a crafted web
site.
Notes
| Author | Note |
|---|---|
| jdstrand | xulrunner-1.9.2 unmaintained upstream (see README.mozilla for details) |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 17.0+build2-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | firefox | < 17.0+build2-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | firefox | < 17.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | firefox | < 17.0+build2-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | thunderbird | < 17.0+build2-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | thunderbird | < 17.0+build2-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 17.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | thunderbird | < 17.0+build2-0ubuntu0.12.10.1 | UNKNOWN |
Related
prion
prion
Code injection
2012-11-21 12:55:00
cve
cve
CVE-2012-4208
2012-11-21 12:55:02
cvelist
cvelist
CVE-2012-4208
2012-11-21 11:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-99) - Linux
2021-11-11 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-02 November12 (Windows)
2012-11-26 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-02 November12 (Mac OS X)
2012-11-26 00:00:00
nvd
nvd
CVE-2012-4208
2012-11-21 12:55:02
mozilla
mozilla
nessus
nessus
Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1636-1)
2012-11-23 00:00:00
SeaMonkey 2.x < 2.14 Multiple Vulnerabilities
2012-11-29 00:00:00
Mozilla SeaMonkey 2.x <= 2.13 Multiple Vulnerabilities
2012-11-29 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-11-21 00:00:00
ubufox update
2012-11-21 00:00:00
Firefox regressions
2012-12-03 00:00:00
suse
suse
security update to Firefox 17.0 and other Mozilla based packages (important)
2013-01-23 14:07:31
Security update for Mozilla Firefox (important)
2012-11-29 01:08:52
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-12-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-11-20 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
osv
osv
MozillaThunderbird-45.5.1-1.1 on GA media
2024-06-15 00:00:00
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.002
Percentile
56.7%
Related for UB:CVE-2012-4208