[USN-1620-1] Firefox vulnerabilities
Severity
Medium
CVEs
3
Several security issues were fixed in Firefox.
Mariusz Mlynski and others discovered several flaws in Firefox that allowed
a remote attacker to conduct cross-site scripting (XSS) attacks.
(CVE-2012-4194, CVE-2012-4195)
Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the
Location object. If a user were tricked into opening a specially crafted
page, a remote attacker could exploit this to bypass security protections
and perform cross-origin reading of the Location object. (CVE-2012-4196)
- ID
- USN-1620-1
- Severity
- medium
- Severity from
- CVE-2012-4196
- URL
- https://ubuntu.com/security/notices/USN-1620-1
- Published
-
2012-10-26T21:03:41
(12 years ago) - Modified
-
2012-10-26T21:03:41
(12 years ago) - Other Advisories
ELSA-2012-1407
FEDORA-2012-17841
FREEBSD:6B3B1B97-207C-11E2-A03F-C8600054B392
GLSA-201301-01
RHSA-2012:1407| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |