CVE-2012-1956

NONECVSS 0.0

0.0

Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.

🔗 References (20)

cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2012-1351.html
cve@mitrehttp://www.mozilla.org/security/announce/2012/mfsa2012-59.html
cve@mitrehttp://www.securityfocus.com/bid/55260
cve@mitrehttp://www.ubuntu.com/usn/USN-1548-1
cve@mitrehttp://www.ubuntu.com/usn/USN-1548-2
cve@mitrehttps://bugzilla.mozilla.org/show_bug.cgi?id=756719
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16367
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-1351.html
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2012/mfsa2012-59.html

Is Your Infrastructure Affected by CVE-2012-1956?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-1956

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-1956?