CVE-2012-5883

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore.swf, a similar issue to CVE-2010-4209.

🔗 References (16)

cve@mitrehttp://www.bugzilla.org/security/3.6.11/
cve@mitrehttp://www.mandriva.com/security/advisories?name=MDVSA-2013:066
cve@mitrehttp://www.securityfocus.com/bid/56385
cve@mitrehttp://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/
cve@mitrehttp://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/
cve@mitrehttp://yuilibrary.com/support/20121030-vulnerability/
cve@mitrehttps://bugzilla.mozilla.org/show_bug.cgi?id=808845
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/80116
af854a3a-2127-422b-91ae-364da2661108http://www.bugzilla.org/security/3.6.11/
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:066
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/56385
af854a3a-2127-422b-91ae-364da2661108http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/
af854a3a-2127-422b-91ae-364da2661108http://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/
af854a3a-2127-422b-91ae-364da2661108http://yuilibrary.com/support/20121030-vulnerability/
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=808845

Is Your Infrastructure Affected by CVE-2012-5883?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-5883

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-5883?