Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2012-4195
Description:The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2012-4195
BugTraq ID: 56302
http://www.securityfocus.com/bid/56302
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16856
RedHat Security Advisories: RHSA-2012:1407
http://rhn.redhat.com/errata/RHSA-2012-1407.html
RedHat Security Advisories: RHSA-2012:1413
http://rhn.redhat.com/errata/RHSA-2012-1413.html
http://secunia.com/advisories/51121
http://secunia.com/advisories/51123
http://secunia.com/advisories/51127
http://secunia.com/advisories/51144
http://secunia.com/advisories/51146
http://secunia.com/advisories/51147
http://secunia.com/advisories/51165
http://secunia.com/advisories/55318
SuSE Security Announcement: SUSE-SU-2012:1426 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00025.html
SuSE Security Announcement: openSUSE-SU-2012:1412 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00019.html
http://www.ubuntu.com/usn/USN-1620-1
http://www.ubuntu.com/usn/USN-1620-2




© 1998-2024 E-Soft Inc. All rights reserved.