CVE-2012-3992

NONECVSS 0.0

0.0

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.

🔗 References (30)

cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2012-1351.html
cve@mitrehttp://secunia.com/advisories/50856
cve@mitrehttp://secunia.com/advisories/50892
cve@mitrehttp://secunia.com/advisories/50904
cve@mitrehttp://secunia.com/advisories/50935
cve@mitrehttp://secunia.com/advisories/50936
cve@mitrehttp://secunia.com/advisories/50984
cve@mitrehttp://secunia.com/advisories/55318
cve@mitrehttp://www.mandriva.com/security/advisories?name=MDVSA-2012:163
cve@mitrehttp://www.mozilla.org/security/announce/2012/mfsa2012-84.html
cve@mitrehttp://www.securityfocus.com/bid/56128
cve@mitrehttp://www.ubuntu.com/usn/USN-1611-1
cve@mitrehttps://bugzilla.mozilla.org/show_bug.cgi?id=775009
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16987

Is Your Infrastructure Affected by CVE-2012-3992?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-3992

📅 Published

🔄 Last Modified

🔗 References (30)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-3992?