CVE-2012-1961 in Firefoxinfo

Summary

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

03/30/2012

Disclosure

07/18/2012

Moderation

VulDB entry created

Entries

VDB-5676 (1)

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

4.3

EPSS

0.01172

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-1961
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1961
CVE Details	https://www.cvedetails.com/cve/CVE-2012-1961/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!