Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-4207

Опубликовано: 21 нояб. 2012
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3

Описание

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.

РелизСтатусПримечание
devel

not-affected

18.0~b2+build1-0ubuntu1
hardy

ignored

end of life
lucid

released

17.0+build2-0ubuntu0.10.04.1
oneiric

released

17.0+build2-0ubuntu0.11.10.1
precise

released

17.0+build2-0ubuntu0.12.04.1
quantal

released

17.0+build2-0ubuntu0.12.10.1
raring

not-affected

18.0~b2+build1-0ubuntu1
saucy

not-affected

18.0~b2+build1-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

ignored

end of life
lucid

ignored

end of life
oneiric

ignored

end of life
precise

DNE

quantal

DNE

raring

DNE

saucy

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

not-affected

17.0+build2-0ubuntu1
hardy

ignored

end of life
lucid

released

17.0+build2-0ubuntu0.10.04.1
oneiric

released

17.0+build2-0ubuntu0.11.10.1
precise

released

17.0+build2-0ubuntu0.12.04.1
quantal

released

17.0+build2-0ubuntu0.12.10.1
raring

not-affected

17.0+build2-0ubuntu1
saucy

not-affected

17.0+build2-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

ignored

end of life
lucid

ignored

end of life
oneiric

DNE

precise

DNE

quantal

DNE

raring

DNE

saucy

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

DNE

oneiric

DNE

precise

DNE

quantal

DNE

raring

DNE

saucy

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2012-4207

redhat
почти 13 лет назад

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.

nvd логотип

CVE-2012-4207

nvd
почти 13 лет назад

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.

debian логотип

CVE-2012-4207

debian
почти 13 лет назад

The HZ-GB-2312 character-set implementation in Mozilla Firefox before ...

github логотип

GHSA-jprg-6jgr-c6j9

github
больше 3 лет назад

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.

oracle-oval логотип

ELSA-2012-1483

oracle-oval
почти 13 лет назад

ELSA-2012-1483: thunderbird security update (CRITICAL)

4.3 Medium

CVSS2