Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-3994

Опубликовано: 10 окт. 2012
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3

Описание

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.

РелизСтатусПримечание
devel

released

16.0+build1-0ubuntu1
hardy

ignored

end of life
lucid

released

16.0+build1-0ubuntu0.10.04.1
natty

released

16.0+build1-0ubuntu0.11.04.1
oneiric

released

16.0+build1-0ubuntu0.11.10.1
precise

released

16.0+build1-0ubuntu0.12.04.1
quantal

released

16.0+build1-0ubuntu1
raring

released

16.0+build1-0ubuntu1
saucy

released

16.0+build1-0ubuntu1
upstream

released

16.0

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

ignored

end of life
lucid

ignored

end of life
natty

ignored

end of life
oneiric

ignored

end of life
precise

DNE

quantal

DNE

raring

DNE

saucy

DNE

upstream

released

2.13

Показывать по

РелизСтатусПримечание
devel

released

16.0.1+build1-0ubuntu1
hardy

ignored

end of life
lucid

released

16.0+build1-0ubuntu0.10.04.1
natty

released

16.0+build1-0ubuntu0.11.04.1
oneiric

released

16.0+build1-0ubuntu0.11.10.1
precise

released

16.0+build1-0ubuntu0.12.04.1
quantal

released

16.0.1+build1-0ubuntu1
raring

released

16.0.1+build1-0ubuntu1
saucy

released

16.0.1+build1-0ubuntu1
upstream

released

16.0

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

ignored

end of life
lucid

ignored

end of life
natty

ignored

end of life
oneiric

DNE

precise

DNE

quantal

DNE

raring

DNE

saucy

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 75%
0.00927
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2012-3994

redhat
почти 13 лет назад

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.

nvd логотип

CVE-2012-3994

nvd
почти 13 лет назад

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.

debian логотип

CVE-2012-3994

debian
почти 13 лет назад

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi ...

github логотип

GHSA-vrqh-q75j-j6x8

github
больше 3 лет назад

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.

oracle-oval логотип

ELSA-2012-1351

oracle-oval
почти 13 лет назад

ELSA-2012-1351: thunderbird security update (CRITICAL)

EPSS

Процентиль: 75%
0.00927
Низкий

4.3 Medium

CVSS2