CVE-2012-0455 (GCVE-0-2012-0455)

Vulnerability from cvelistv5 – Published: 2012-03-14 19:00 – Updated: 2024-08-06 18:23
VLAI?
Summary
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://lists.opensuse.org/opensuse-updates/2012-0… vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/48402 third-party-advisoryx_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/48624 third-party-advisoryx_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://www.ubuntu.com/usn/USN-1400-5 vendor-advisoryx_refsource_UBUNTU
https://bugzilla.mozilla.org/show_bug.cgi?id=704354 x_refsource_CONFIRM
http://secunia.com/advisories/48414 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/48359 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/48823 third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1401-1 vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-1400-4 vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/48629 third-party-advisoryx_refsource_SECUNIA
http://www.mozilla.org/security/announce/2012/mfs… x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-1400-3 vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2012-0387.html vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/48496 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/52458 vdb-entryx_refsource_BID
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://www.ubuntu.com/usn/USN-1400-2 vendor-advisoryx_refsource_UBUNTU
http://www.debian.org/security/2012/dsa-2458 vendor-advisoryx_refsource_DEBIAN
http://secunia.com/advisories/48920 third-party-advisoryx_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.debian.org/security/2012/dsa-2433 vendor-advisoryx_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://www.securitytracker.com/id?1026803 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/48495 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/48553 third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1400-1 vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/48561 third-party-advisoryx_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2012-0388.html vendor-advisoryx_refsource_REDHAT
http://www.securitytracker.com/id?1026801 vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id?1026804 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/48513 third-party-advisoryx_refsource_SECUNIA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:23:30.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2012:0417",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"
          },
          {
            "name": "48402",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48402"
          },
          {
            "name": "MDVSA-2012:031",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"
          },
          {
            "name": "48624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48624"
          },
          {
            "name": "SUSE-SU-2012:0424",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html"
          },
          {
            "name": "USN-1400-5",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1400-5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=704354"
          },
          {
            "name": "48414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48414"
          },
          {
            "name": "48359",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48359"
          },
          {
            "name": "48823",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48823"
          },
          {
            "name": "USN-1401-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1401-1"
          },
          {
            "name": "USN-1400-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1400-4"
          },
          {
            "name": "48629",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48629"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-13.html"
          },
          {
            "name": "USN-1400-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1400-3"
          },
          {
            "name": "RHSA-2012:0387",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0387.html"
          },
          {
            "name": "48496",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48496"
          },
          {
            "name": "52458",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52458"
          },
          {
            "name": "SUSE-SU-2012:0425",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html"
          },
          {
            "name": "USN-1400-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1400-2"
          },
          {
            "name": "DSA-2458",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2458"
          },
          {
            "name": "48920",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48920"
          },
          {
            "name": "oval:org.mitre.oval:def:14829",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14829"
          },
          {
            "name": "DSA-2433",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2433"
          },
          {
            "name": "MDVSA-2012:032",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:032"
          },
          {
            "name": "1026803",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026803"
          },
          {
            "name": "48495",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48495"
          },
          {
            "name": "48553",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48553"
          },
          {
            "name": "USN-1400-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1400-1"
          },
          {
            "name": "48561",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48561"
          },
          {
            "name": "RHSA-2012:0388",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0388.html"
          },
          {
            "name": "1026801",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026801"
          },
          {
            "name": "1026804",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026804"
          },
          {
            "name": "48513",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48513"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-03-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a \"DragAndDropJacking\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2012:0417",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"
        },
        {
          "name": "48402",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48402"
        },
        {
          "name": "MDVSA-2012:031",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"
        },
        {
          "name": "48624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48624"
        },
        {
          "name": "SUSE-SU-2012:0424",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html"
        },
        {
          "name": "USN-1400-5",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1400-5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=704354"
        },
        {
          "name": "48414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48414"
        },
        {
          "name": "48359",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48359"
        },
        {
          "name": "48823",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48823"
        },
        {
          "name": "USN-1401-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1401-1"
        },
        {
          "name": "USN-1400-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1400-4"
        },
        {
          "name": "48629",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48629"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-13.html"
        },
        {
          "name": "USN-1400-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1400-3"
        },
        {
          "name": "RHSA-2012:0387",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0387.html"
        },
        {
          "name": "48496",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48496"
        },
        {
          "name": "52458",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52458"
        },
        {
          "name": "SUSE-SU-2012:0425",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html"
        },
        {
          "name": "USN-1400-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1400-2"
        },
        {
          "name": "DSA-2458",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2458"
        },
        {
          "name": "48920",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48920"
        },
        {
          "name": "oval:org.mitre.oval:def:14829",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14829"
        },
        {
          "name": "DSA-2433",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2433"
        },
        {
          "name": "MDVSA-2012:032",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:032"
        },
        {
          "name": "1026803",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026803"
        },
        {
          "name": "48495",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48495"
        },
        {
          "name": "48553",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48553"
        },
        {
          "name": "USN-1400-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1400-1"
        },
        {
          "name": "48561",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48561"
        },
        {
          "name": "RHSA-2012:0388",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0388.html"
        },
        {
          "name": "1026801",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026801"
        },
        {
          "name": "1026804",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026804"
        },
        {
          "name": "48513",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48513"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-0455",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a \"DragAndDropJacking\" issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2012:0417",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"
            },
            {
              "name": "48402",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48402"
            },
            {
              "name": "MDVSA-2012:031",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"
            },
            {
              "name": "48624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48624"
            },
            {
              "name": "SUSE-SU-2012:0424",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html"
            },
            {
              "name": "USN-1400-5",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1400-5"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=704354",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=704354"
            },
            {
              "name": "48414",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48414"
            },
            {
              "name": "48359",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48359"
            },
            {
              "name": "48823",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48823"
            },
            {
              "name": "USN-1401-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1401-1"
            },
            {
              "name": "USN-1400-4",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1400-4"
            },
            {
              "name": "48629",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48629"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-13.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-13.html"
            },
            {
              "name": "USN-1400-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1400-3"
            },
            {
              "name": "RHSA-2012:0387",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0387.html"
            },
            {
              "name": "48496",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48496"
            },
            {
              "name": "52458",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52458"
            },
            {
              "name": "SUSE-SU-2012:0425",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html"
            },
            {
              "name": "USN-1400-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1400-2"
            },
            {
              "name": "DSA-2458",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2458"
            },
            {
              "name": "48920",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48920"
            },
            {
              "name": "oval:org.mitre.oval:def:14829",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14829"
            },
            {
              "name": "DSA-2433",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2433"
            },
            {
              "name": "MDVSA-2012:032",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:032"
            },
            {
              "name": "1026803",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026803"
            },
            {
              "name": "48495",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48495"
            },
            {
              "name": "48553",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48553"
            },
            {
              "name": "USN-1400-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1400-1"
            },
            {
              "name": "48561",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48561"
            },
            {
              "name": "RHSA-2012:0388",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0388.html"
            },
            {
              "name": "1026801",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026801"
            },
            {
              "name": "1026804",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026804"
            },
            {
              "name": "48513",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48513"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2012-0455",
    "datePublished": "2012-03-14T19:00:00",
    "dateReserved": "2012-01-09T00:00:00",
    "dateUpdated": "2024-08-06T18:23:30.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0455\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2012-03-14T19:55:01.837\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a \\\"DragAndDropJacking\\\" issue.\"},{\"lang\":\"es\",\"value\":\"Mozilla Firefox antes de v3.6.28 y v4.x hasta v10.0, Firefox ESR v10.x antes de v10.0.3, Thunderbird antes de v3.1.20 y v5.0 hasta v10.0, Thunderbird ESR v10.x antes de v10.0.3, y SeaMonkey antes de v2.8 no restringen adecuadamente arrastrar y soltar en javascript: URLs, lo que permite a atacantes remotos asistidos por el usuario realizar ataques de ejecuci\u00f3n de secuencias de comandos en sitios cruzados a trav\u00e9s de una p\u00e1gina web modificada, relacionado con un problema \\\"DragAndDropJacking\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.6.27\",\"matchCriteriaId\":\"DEDA8682-2289-4478-B816-8696412EA592\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C69962C4-FA56-47F2-82A4-DFF4C19DAF3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7BC1684-3634-4585-B7E6-8C8777E1DA0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A490D040-EF74-45C2-89ED-D88ADD222712\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CDA17D1-CD93-401E-860C-7C3291FEEB7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F72FDE3-54E0-48E4-9015-1B8A36DB1EC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4062C901-3828-415B-A6C3-EDD0E7B20C0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC0D8730-7034-4AD6-9B05-F8BAFB0145EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"857AFB05-F0C1-4061-9680-9561D68C908F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC37EBAF-C979-4ACC-ACA9-BDC2AECCB0D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"80801CD8-EEAF-4BC4-9085-DCCC6CF73076\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAF4C78A-5093-4871-AF69-A8E8FD7E1AAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"560AD4C7-89D2-4323-BBCC-A89EEB6832CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B389CBC-4F6C-4C17-A87B-A6DD92703A10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDFBA043-91BC-4FB5-A34D-FCE1A9C65A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8901A808-66F1-4501-AFF6-6FBB22852855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B88D1373-6E41-4EF4-86A0-CE85EA3BF23E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F42315C-35AF-4EDD-8B78-A9EDB9F85D59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62147F86-C2E6-4D55-9C72-F8BB430F2F7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE4D1FFD-3AFE-4F52-BCBE-A56609B2D7EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B2CD349-B9BF-4752-B7B9-665BF718EDB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11A8F675-A91F-4E41-AA2B-5214DF79C69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75B6A811-2B5A-484A-9878-C8E2C3E7633C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"456769EF-8961-4038-A7D5-B980147159E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7439C998-E396-4EEC-9C21-E82D27459EA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1CD246C-1104-4DA1-9BFD-ED0B1FBA7EF5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1D4D8C9-5A00-46FE-9E42-CB8C2D66B120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34F9D5FD-1426-4D54-BB22-F7C37AEE8345\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FBFD36F-C986-4968-91D2-4251C7B3B792\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.1.19\",\"matchCriteriaId\":\"7F95019C-7AC8-4C6E-9641-A6669B34DFDE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B82F27E4-BF6A-4F26-B50A-E4C0C19195B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"158215B1-22D3-4441-8F48-CAC048C2FF61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28596BA2-CEBB-466F-AF7B-C47E92450672\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EABF0A0D-8B5A-421A-87E5-67A226736775\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A5BE5DD-4FC8-497A-AED3-3354C09CA71E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CCE074F-58FE-4B1B-849D-879825D96767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"427DE88B-A729-43F8-B7FE-6DCDC91A7FA8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"369438BA-3E3E-4F4A-9D55-37201BCC19EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C6BE133-ED60-489A-9EA4-239FFFAD13A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"772CC146-E2FA-4E18-AAAB-1D04D8572DB1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:*:beta5:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7\",\"matchCriteriaId\":\"2B932629-8F16-4CD0-A470-E1B7EB393009\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0387.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0388.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/48359\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/48402\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/48414\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/48495\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48496\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48513\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48553\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48561\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48624\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48629\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48823\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48920\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2433\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2458\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:031\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:032\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mozilla.org/security/announce/2012/mfsa2012-13.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/52458\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1026801\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1026803\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1026804\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1401-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=704354\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14829\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0387.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0388.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48359\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48495\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48513\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48553\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48561\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48624\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48823\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48920\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2433\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mozilla.org/security/announce/2012/mfsa2012-13.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/52458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026803\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026804\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1400-5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1401-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=704354\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14829\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.