CVE-2012-4210 in Mozilla Firefoxinfo

Summary

The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.

Reservation

08/08/2012

Disclosure

11/21/2012

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
6974	Mozilla Firefox Style Inspector Stylesheet access control	264	Proof-of-Concept	Official fix	CVE-2012-4210

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸