ID CVE-2012-0479
Summary Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta5:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta5:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta5:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta5:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta6:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta6:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:beta3:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 18-01-2018 - 02:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
oval via4
accepted 2014-10-06T04:02:27.696-04:00
class vulnerability
contributors
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Richard Helbing
    organization baramundi software
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
definition_extensions
  • comment Mozilla Thunderbird Mainline release is installed
    oval oval:org.mitre.oval:def:22093
  • comment Mozilla Seamonkey is installed
    oval oval:org.mitre.oval:def:6372
  • comment Mozilla Firefox Mainline release is installed
    oval oval:org.mitre.oval:def:22259
  • comment Mozilla Firefox ESR is installed
    oval oval:org.mitre.oval:def:22414
  • comment Mozilla Thunderbird ESR is installed
    oval oval:org.mitre.oval:def:22216
description Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.
family windows
id oval:org.mitre.oval:def:17011
status accepted
submitted 2013-05-13T10:26:26.748+04:00
title Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.
version 37
redhat via4
advisories
  • bugzilla
    id 815044
    title CVE-2012-0479 Mozilla: Potential site identity spoofing when loading RSS and Atom feeds (MFSA 2012-33)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment xulrunner is earlier than 0:10.0.4-1.el6_2
            oval oval:com.redhat.rhsa:tst:20120515001
          • comment xulrunner is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100861002
        • AND
          • comment xulrunner-devel is earlier than 0:10.0.4-1.el6_2
            oval oval:com.redhat.rhsa:tst:20120515003
          • comment xulrunner-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100861004
        • AND
          • comment firefox is earlier than 0:10.0.4-1.el6_2
            oval oval:com.redhat.rhsa:tst:20120515005
          • comment firefox is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100861006
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment xulrunner is earlier than 0:10.0.4-1.el5_8
            oval oval:com.redhat.rhsa:tst:20120515008
          • comment xulrunner is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20080569002
        • AND
          • comment xulrunner-devel is earlier than 0:10.0.4-1.el5_8
            oval oval:com.redhat.rhsa:tst:20120515010
          • comment xulrunner-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20080569004
        • AND
          • comment firefox is earlier than 0:10.0.4-1.el5_8
            oval oval:com.redhat.rhsa:tst:20120515012
          • comment firefox is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097008
    rhsa
    id RHSA-2012:0515
    released 2012-04-24
    severity Critical
    title RHSA-2012:0515: firefox security update (Critical)
  • bugzilla
    id 815044
    title CVE-2012-0479 Mozilla: Potential site identity spoofing when loading RSS and Atom feeds (MFSA 2012-33)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment thunderbird is earlier than 0:10.0.4-1.el6_2
        oval oval:com.redhat.rhsa:tst:20120516001
      • comment thunderbird is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100896002
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • comment thunderbird is earlier than 0:10.0.4-1.el5_8
        oval oval:com.redhat.rhsa:tst:20120516004
      • comment thunderbird is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20070108002
    rhsa
    id RHSA-2012:0516
    released 2012-04-24
    severity Critical
    title RHSA-2012:0516: thunderbird security update (Critical)
rpms
  • firefox-0:10.0.4-1.el5_8
  • firefox-0:10.0.4-1.el6_2
  • firefox-debuginfo-0:10.0.4-1.el5_8
  • firefox-debuginfo-0:10.0.4-1.el6_2
  • xulrunner-0:10.0.4-1.el5_8
  • xulrunner-0:10.0.4-1.el6_2
  • xulrunner-debuginfo-0:10.0.4-1.el5_8
  • xulrunner-debuginfo-0:10.0.4-1.el6_2
  • xulrunner-devel-0:10.0.4-1.el5_8
  • xulrunner-devel-0:10.0.4-1.el6_2
  • thunderbird-0:10.0.4-1.el5_8
  • thunderbird-0:10.0.4-1.el6_2
  • thunderbird-debuginfo-0:10.0.4-1.el5_8
  • thunderbird-debuginfo-0:10.0.4-1.el6_2
refmap via4
bid 53224
confirm
debian
  • DSA-2457
  • DSA-2458
  • DSA-2464
mandriva
  • MDVSA-2012:066
  • MDVSA-2012:081
secunia
  • 48920
  • 48922
  • 48972
  • 49047
  • 49055
xf firefox-rss-spoofing(75156)
Last major update 18-01-2018 - 02:29
Published 25-04-2012 - 10:10
Last modified 18-01-2018 - 02:29
Back to Top