Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2012-3965 (GCVE-0-2012-3965)
Vulnerability from cvelistv5 – Published: 2012-08-29 10:00 – Updated: 2024-08-06 20:21
VLAI?
EPSS
Summary
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769108"
},
{
"name": "oval:org.mitre.oval:def:16442",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16442"
},
{
"name": "USN-1548-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1548-1"
},
{
"name": "USN-1548-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1548-2"
},
{
"name": "SUSE-SU-2012:1167",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"name": "SUSE-SU-2012:1157",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html"
},
{
"name": "openSUSE-SU-2012:1065",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769108"
},
{
"name": "oval:org.mitre.oval:def:16442",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16442"
},
{
"name": "USN-1548-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1548-1"
},
{
"name": "USN-1548-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1548-2"
},
{
"name": "SUSE-SU-2012:1167",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"name": "SUSE-SU-2012:1157",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html"
},
{
"name": "openSUSE-SU-2012:1065",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=769108",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769108"
},
{
"name": "oval:org.mitre.oval:def:16442",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16442"
},
{
"name": "USN-1548-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1548-1"
},
{
"name": "USN-1548-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1548-2"
},
{
"name": "SUSE-SU-2012:1167",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"name": "SUSE-SU-2012:1157",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html"
},
{
"name": "openSUSE-SU-2012:1065",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3965",
"datePublished": "2012-08-29T10:00:00.000Z",
"dateReserved": "2012-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:21:04.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-C6RC-75FX-QJHM
Vulnerability from github – Published: 2022-05-17 00:58 – Updated: 2022-05-17 00:58
VLAI?
Details
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.
{
"affected": [],
"aliases": [
"CVE-2012-3965"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-08-29T10:56:00Z",
"severity": "HIGH"
},
"details": "Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.",
"id": "GHSA-c6rc-75fx-qjhm",
"modified": "2022-05-17T00:58:26Z",
"published": "2022-05-17T00:58:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3965"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769108"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16442"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"type": "WEB",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1548-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1548-2"
}
],
"schema_version": "1.4.0",
"severity": []
}
FKIE_CVE-2012-3965
Vulnerability from fkie_nvd - Published: 2012-08-29 10:56 - Updated: 2026-06-16 23:44
Severity ?
Summary
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.
References
Impacted products
{
"affected": [
{
"affectedData": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"source": "cve@mitre.org"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BAFECDE-D9A1-4600-81B6-163D74312B5B",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
"matchCriteriaId": "438AACF8-006F-4522-853F-30DBBABD8C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2938F2-A801-45E5-8E06-BE03DE03C8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F18A45C0-419C-4723-AB7D-5880EF668CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
"matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2917BD67-CE81-4B94-B241-D4A9DDA60319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A524A94E-F19B-42B9-AA8E-171751C339AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F71436CF-F756-44E0-8E69-6951F6B3E54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "582EE839-B83F-4908-9780-D0C92DC44FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "824369CF-00A0-434E-94BC-71CA1317012C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB35099-B04E-4796-A25D-953329FE62F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5DBEBCFD-80D6-466A-BAEF-C75E65A3B12E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C30ACBCA-4FA1-46DE-8F15-4830BC27E160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9453EF65-7C69-449E-BF7C-4FECFB56713E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA75825-21CF-475B-8040-126A13FA2216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA97C80E-17FA-4866-86CE-29886145ED80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE24BED-202E-416D-B5F2-8207D97B9939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "04198E04-CE1D-4A5A-A20C-D1E135B45F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "717DB967-F658-4699-A224-5B261BFEC10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4105171B-9C90-4ABF-B220-A35E7BA9EE40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "20985549-DB24-4B69-9D40-208A47AE658E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "43A13026-416F-4308-8A1B-E989BD769E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "612B015E-9F96-4CE6-83E4-23848FD609E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1E391619-0967-43E1-8CBC-4D54F72A85C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0544D626-E269-4677-9B05-7DAB23BD103B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C95F7B2C-80FC-4DF2-9680-F74634DCE3E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "863C140E-DC15-4A88-AB8A-8AEF9F4B8164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "38CD049A-5333-4FF7-AD34-6B74E19BADCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "0066576D-D66A-4B59-B5C3-471EEBEE8B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "60ED6DAA-9194-4829-BC1A-00F04BE7930A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "13BEB9A6-EFD5-4793-9603-84DB84F1CF7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "461163C6-4CA8-4BA9-95A1-136E612CBA6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "275E9D96-1290-44AB-BF9B-E9E4A803F593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "412DF091-7604-4110-87A0-3488116A97E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11E07FED-ABDB-4B0A-AB2E-4CBF1EAC4301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6558F1-9E0D-4107-909A-8EF4BC8A9C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A9024117-2E8B-4240-9E21-CC501F3879B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC3CAD3-2F54-4E32-A0C9-0D826C45AC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "52624B41-AB34-40AD-8709-D9646B618AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "917E9856-9556-4FD6-A834-858F8837A6B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98BBD74D-930C-4D80-A91B-0D61347BAA63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF2E696-883D-4DE5-8B79-D8E5D9470253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "94E04FD9-38E8-462D-82C2-729F7F7F0465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5888517E-3C57-4A0A-9895-EA4BCB0A0ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB21291-B9F3-445E-A9E9-EA1822083DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D595F649-ECBE-45E0-8AAD-BCBC65A654B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE6E920-9A4C-431B-89EA-683A22F15ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18B6CC9F-6295-4598-B28B-0CA19D1D9F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F0434D-C84F-49FD-9F44-66D3ACD7B601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AAB416-E865-4EEE-8FCB-A91253BEB52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "76CD3BDF-A079-4EF3-ABDE-43CBDD08DB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "031E8624-5161-43AF-AF19-6BAB5A94FDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54186D4A-C6F0-44AD-94FB-73B4346ABB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47E50AD9-BA35-4817-BD4D-5D678FC5A3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DD09DE40-8C9B-41EA-B372-9E4E4830E8F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F223FB83-0EDB-4429-94B9-1AEEF314B73F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6B977F-292F-4981-95A0-6065A3C487D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "342226B9-2C0C-416C-81FE-19C49F03AA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2A6A28E0-F67A-4275-B0D9-A02822E9EF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAB4696-76F3-458C-B33B-D7F8690C60A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB444FD-15F3-4447-9EA8-1669779A5749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F92E2EF3-A612-476F-9D31-1EEC240C7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F175D30-2416-4172-BF11-DA78D252D608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3F168-3EF4-492E-BBAA-EACB1357C709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4B46BA97-2860-45E4-9FD3-F418A202E4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C23289-38C3-4C62-8B27-249EAECC297E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F3782354-7EB7-49D2-B240-1871F6CB84C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30D47263-03AD-4060-91E3-90F997B3D174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD775DF-277E-4D5B-B980-B8E6E782467D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8587BFD-417D-42BE-A5F8-22FDC68FA9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7364FAB-EEE9-4064-A8AD-6547239F9AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4C50485F-BC7B-4B70-A47B-1712E2DBAC5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "51EE386B-0833-484E-A2AB-86B4470D4D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EF1B4D-6556-4B3C-BDD0-6348A4D4A91D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "68C5C7CF-005B-42FC-B950-90303F0CC115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2FA2CF-7FE4-43B1-96A0-C14666EDBD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "30290F6D-55CA-47EB-8F41-7BBB745C7A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F61F0607-14B0-49AD-B7E6-C4D75401C270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7FED863D-2898-4148-A9FB-73BFF9DE4396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "779C1245-A6F9-41F5-B8D4-FAE506A23FD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7CFEE9-70D4-465F-9FB9-397E6B200FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "197E56BF-BE78-459F-A124-786DF39D1235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "07747612-3890-4271-94A4-4347E5ED073D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0855BA85-BC52-4EDF-915A-8B4E5FB48092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "BC273819-9DDE-4591-9376-1DD5782461F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "9B68D1E7-B2F7-4581-8173-8CCF55A0E1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CDFF6453-B707-4772-8CDF-2F8922FD4894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D70DBF-1CF2-491D-BA0F-478D7732E01C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0B55ADF9-6525-4EFA-A431-CD69C8C2216C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B40A42AD-7097-47F8-9A3F-1806D8C174F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C69962C4-FA56-47F2-82A4-DFF4C19DAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B7BC1684-3634-4585-B7E6-8C8777E1DA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*",
"matchCriteriaId": "A490D040-EF74-45C2-89ED-D88ADD222712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*",
"matchCriteriaId": "6CDA17D1-CD93-401E-860C-7C3291FEEB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*",
"matchCriteriaId": "6F72FDE3-54E0-48E4-9015-1B8A36DB1EC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "4062C901-3828-415B-A6C3-EDD0E7B20C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "CC0D8730-7034-4AD6-9B05-F8BAFB0145EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "857AFB05-F0C1-4061-9680-9561D68C908F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "EC37EBAF-C979-4ACC-ACA9-BDC2AECCB0D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "80801CD8-EEAF-4BC4-9085-DCCC6CF73076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "FAF4C78A-5093-4871-AF69-A8E8FD7E1AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "560AD4C7-89D2-4323-BBCC-A89EEB6832CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "6B389CBC-4F6C-4C17-A87B-A6DD92703A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFBA043-91BC-4FB5-A34D-FCE1A9C65A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8901A808-66F1-4501-AFF6-6FBB22852855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B88D1373-6E41-4EF4-86A0-CE85EA3BF23E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F42315C-35AF-4EDD-8B78-A9EDB9F85D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62147F86-C2E6-4D55-9C72-F8BB430F2F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4D1FFD-3AFE-4F52-BCBE-A56609B2D7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2CD349-B9BF-4752-B7B9-665BF718EDB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11A8F675-A91F-4E41-AA2B-5214DF79C69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "75B6A811-2B5A-484A-9878-C8E2C3E7633C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "456769EF-8961-4038-A7D5-B980147159E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7439C998-E396-4EEC-9C21-E82D27459EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1CD246C-1104-4DA1-9BFD-ED0B1FBA7EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D4D8C9-5A00-46FE-9E42-CB8C2D66B120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E639BCCB-A6BF-4174-BFAF-9674E65BA404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FDFC5947-3C3D-4484-8803-D6629C63B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEA6800-CBDB-497A-BBBE-1C40E8484A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF604D56-5D81-4276-88A1-AE321929E22A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "AB630A94-DA1F-4A7F-891D-E6F242C20271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B038D136-BB5E-4252-B313-A13919195DB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window."
},
{
"lang": "es",
"value": "Mozilla Firefox anterior a v15.0 no restringe adecuadamente en una p\u00e1gina about:newtab, lo que permite a atacantes remotos ejecutar c\u00f3digos JavaScript con privilegios chrome a trav\u00e9s de un sitio web manipulado que evita la creaci\u00f3n de una nueva pesta\u00f1a y luego una nueva ventana."
}
],
"id": "CVE-2012-3965",
"lastModified": "2026-06-16T23:44:09.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-08-29T10:56:40.660",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1548-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1548-2"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769108"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1548-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1548-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16442"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTA-2012-AVI-467
Vulnerability from certfr_avis - Published: 2012-08-29 - Updated: 2012-10-09
Seize vulnérabilités ont été corrigées dans les produits Mozilla. Sept d'entre elles sont considérées comme critiques par l'éditeur. Plusieurs concernent le traitement des images, des utilisations de données après leur libération et différentes compromissions d'espace mémoire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | N/A | versions antérieures à SeaMonkey 2.12 ; | ||
| Mozilla | Thunderbird | versions antérieures à Thunderbird ESR 10.0.7 ; | ||
| Mozilla | Thunderbird | versions antérieures à Thunderbird 15 ; | ||
| Mozilla | N/A | versions antérieures à Icedove 10.0.7-1. | ||
| Mozilla | Firefox ESR | versions antérieures à Firefox ESR 10.0.7 ; | ||
| Mozilla | Firefox | Versions antérieures à Firefox 15 ; |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "versions ant\u00e9rieures \u00e0 SeaMonkey 2.12 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "versions ant\u00e9rieures \u00e0 Thunderbird ESR 10.0.7 ;",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "versions ant\u00e9rieures \u00e0 Thunderbird 15 ;",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "versions ant\u00e9rieures \u00e0 Icedove 10.0.7-1.",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "versions ant\u00e9rieures \u00e0 Firefox ESR 10.0.7 ;",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Versions ant\u00e9rieures \u00e0 Firefox 15 ;",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-1973",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1973"
},
{
"name": "CVE-2012-3974",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3974"
},
{
"name": "CVE-2012-3962",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3962"
},
{
"name": "CVE-2012-3967",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3967"
},
{
"name": "CVE-2012-3966",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3966"
},
{
"name": "CVE-2012-1972",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1972"
},
{
"name": "CVE-2012-3976",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3976"
},
{
"name": "CVE-2012-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1975"
},
{
"name": "CVE-2012-3971",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3971"
},
{
"name": "CVE-2012-3957",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3957"
},
{
"name": "CVE-2012-3975",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3975"
},
{
"name": "CVE-2012-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3970"
},
{
"name": "CVE-2012-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3978"
},
{
"name": "CVE-2012-3959",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3959"
},
{
"name": "CVE-2012-3973",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3973"
},
{
"name": "CVE-2012-3980",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3980"
},
{
"name": "CVE-2012-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1971"
},
{
"name": "CVE-2012-3963",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3963"
},
{
"name": "CVE-2012-3961",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3961"
},
{
"name": "CVE-2012-3972",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3972"
},
{
"name": "CVE-2012-3965",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3965"
},
{
"name": "CVE-2012-1956",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1956"
},
{
"name": "CVE-2012-3968",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3968"
},
{
"name": "CVE-2012-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1974"
},
{
"name": "CVE-2012-1976",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1976"
},
{
"name": "CVE-2012-3964",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3964"
},
{
"name": "CVE-2012-3960",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3960"
},
{
"name": "CVE-2012-3969",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3969"
},
{
"name": "CVE-2012-3979",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3979"
},
{
"name": "CVE-2012-1970",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1970"
},
{
"name": "CVE-2012-3958",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3958"
},
{
"name": "CVE-2012-3956",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3956"
}
],
"initial_release_date": "2012-08-29T00:00:00",
"last_revision_date": "2012-10-09T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-69 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-69.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-61 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-61.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-63 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-63.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-59 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-59.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-67 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-67.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de Debian DSA-2556 du 07 octobre 2012 :",
"url": "http://www.debian.org/security/2012/dsa-2556"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-71 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-71.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-65 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-65.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-66 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-66.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-68 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-68.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-64 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-64.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-72 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-72.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-70 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-70.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-58 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-60 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-60.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-57 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-57.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-62 du 28 ao\u00fbt 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-62.html"
}
],
"reference": "CERTA-2012-AVI-467",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2012-08-29T00:00:00.000000"
},
{
"description": "ajout du produit Icedove.",
"revision_date": "2012-10-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Seize vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eMozilla\u003c/span\u003e. Sept d\u0027entre elles sont consid\u00e9r\u00e9es comme\ncritiques par l\u0027\u00e9diteur. Plusieurs concernent le traitement des images,\ndes utilisations de donn\u00e9es apr\u00e8s leur lib\u00e9ration et diff\u00e9rentes\ncompromissions d\u0027espace m\u00e9moire.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla et Icedove",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Mozilla du 28 ao\u00fbt 2012",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…