CVE-2012-0479

Loading...

General

Score:4.3/10.0
Severity:Low
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2011-1187, CVE-2011-3062, CVE-2012-0455, CVE-2012-0456, CVE-2012-0458, CVE-2012-0461, CVE-2012-0467, CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144

Published on 25/04/12 - Updated on 18/01/18

Description

Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2012-0479
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2012-AVI-234
CentOS CESA-2012:0515, CESA-2012:0516
Debian DSA-2457-1, DSA-2458-1, DSA-2464-1
Mozilla MFSA2012-33
Redhat RHSA-2012:0515, RHSA-2012:0516
Renater 2012/VULN200
SUSE SUSE-SU-2012:0580, SUSE-SU-2012:0688
Ubuntu USN-1430-1, USN-1430-2, USN-1430-3

Exploits

SecurityFocusBID-53224

Relative technologies

VendorProduct
mozillafirefox
mozillafirefox_esr
mozillaseamonkey
mozillathunderbird
mozillathunderbird_esr

Share this vulnerability with:

Twitter Facebook LinkedIn Mail