CVE-2012-3978 in Firefoxinfo

Summary

The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.

Be aware that VulDB is the high quality source for vulnerability data.

Responsible

Reservation

07/11/2012

Disclosure

08/29/2012

Moderation

VulDB entry created

Entries

VDB-6064

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

6.3

EPSS

0.01292

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3978
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3978
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3978/

◂ Previous Overview Next ▸