CVE-2012-4193
CVSS v2.0
6.8 (Medium)
EPSS
2.25 % (90th)
Affected Products
13
Advisories
7
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2012-10-12 10:44:20
(12 years ago) - Updated Date
-
2020-08-14 18:07:29
(4 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...