Lucene search
Ubuntu.comUB:CVE-2012-4210HistoryNov 21, 2012 - 12:00 a.m.
CVE-2012-4210
2012-11-2100:00:00
ubuntu.com
ubuntu.com
13
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.015 Low
EPSS
Percentile
87.1%
The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x
before 10.0.11 does not properly restrict the context of HTML markup and
Cascading Style Sheets (CSS) token sequences, which allows user-assisted
remote attackers to execute arbitrary JavaScript code with chrome
privileges via a crafted stylesheet.
Notes
| Author | Note |
|---|---|
| jdstrand | xulrunner-1.9.2 unmaintained upstream (see README.mozilla for details) |
| micahg | Firefox only per MFSA |
Related
openvas
openvas
Mozilla Firefox Code Execution Vulnerabilities - November12 (Mac OS X)
2012-11-26 00:00:00
Mozilla Firefox Security Advisory (MFSA2012-104) - Linux
2021-11-11 00:00:00
Mozilla Firefox Code Execution Vulnerabilities (Nov 2012) - Mac OS X
2012-11-26 00:00:00
mozilla
mozilla
CSS and HTML injection through Style Inspector — Mozilla
2012-11-20 00:00:00
prion
prion
Code injection
2012-11-21 12:55:00
cvelist
cvelist
CVE-2012-4210
2012-11-21 11:00:00
nvd
nvd
CVE-2012-4210
2012-11-21 12:55:02
cve
cve
CVE-2012-4210
2012-11-21 12:55:02
centos
centos
firefox, xulrunner security update
2012-11-22 02:03:00
veracode
veracode
Arbitrary Code Execution Or Denial Of Service (DoS)
2019-05-02 04:41:14
Cross Site Scripting (XSS)
2019-05-02 04:41:12
Cross Site Scripting (XSS)
2019-05-02 04:41:17
nessus
nessus
Firefox < 10.0.11 Multiple Vulnerabilities (Mac OS X)
2012-11-21 00:00:00
Oracle Linux 5 / 6 : firefox (ELSA-2012-1482)
2013-07-12 00:00:00
RHEL 5 / 6 : firefox (RHSA-2012:1482)
2012-11-21 00:00:00
redhat
redhat
(RHSA-2012:1482) Critical: firefox security update
2012-11-20 00:00:00
oraclelinux
oraclelinux
firefox security update
2012-11-20 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2012-11-21 00:00:00
ubufox update
2012-11-21 00:00:00
Firefox regressions
2012-12-03 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2012-11-29 01:08:52
security update to Firefox 17.0 and other Mozilla based packages (important)
2013-01-23 14:07:31
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-11-20 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-12-03 00:00:00
ibm
ibm
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.015 Low
EPSS
Percentile
87.1%
Related for UB:CVE-2012-4210