CVE-2012-0474 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0 Firefox ESR 10.x before 10.0.4 Thunderbird 5.0 through 11.0 Thunderbird ESR 10.x before 10.0.4 and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads aka \Universal XSS (UXSS).\

Reference

http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:066 http://www.mandriva.com/security/advisories?name=MDVSA-2012:081 http://www.mozilla.org/security/announce/2012/mfsa2012-27.html http://www.securityfocus.com/bid/53228 https://bugzilla.mozilla.org/show_bug.cgi?id=687745 https://bugzilla.mozilla.org/show_bug.cgi?id=737307 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A16107

Share on: