ID CVE-2012-1967
Summary Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:-:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:*:alpha:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:*:alpha:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:*:beta:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:*:beta:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7:beta5:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7:beta5:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta5:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta5:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.8:beta6:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.8:beta6:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:beta3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9:beta4:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9:beta4:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.10:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.10:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.10:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.10:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.10:beta3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.10:beta3:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 29-12-2017 - 02:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2014-10-06T04:02:28.983-04:00
class vulnerability
contributors
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Richard Helbing
    organization baramundi software
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
definition_extensions
  • comment Mozilla Thunderbird Mainline release is installed
    oval oval:org.mitre.oval:def:22093
  • comment Mozilla Seamonkey is installed
    oval oval:org.mitre.oval:def:6372
  • comment Mozilla Firefox Mainline release is installed
    oval oval:org.mitre.oval:def:22259
  • comment Mozilla Firefox ESR is installed
    oval oval:org.mitre.oval:def:22414
  • comment Mozilla Thunderbird ESR is installed
    oval oval:org.mitre.oval:def:22216
description Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
family windows
id oval:org.mitre.oval:def:17025
status accepted
submitted 2013-05-13T10:26:26.748+04:00
title Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
version 36
redhat via4
advisories
  • bugzilla
    id 840259
    title CVE-2012-1967 Mozilla: Code execution through javascript: URLs (MFSA 2012-56)
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment xulrunner is earlier than 0:10.0.6-2.el5_8
            oval oval:com.redhat.rhsa:tst:20121088002
          • comment xulrunner is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20080569003
        • AND
          • comment xulrunner-devel is earlier than 0:10.0.6-2.el5_8
            oval oval:com.redhat.rhsa:tst:20121088004
          • comment xulrunner-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20080569005
        • AND
          • comment firefox is earlier than 0:10.0.6-1.el5_8
            oval oval:com.redhat.rhsa:tst:20121088006
          • comment firefox is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097009
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
      • OR
        • AND
          • comment xulrunner is earlier than 0:10.0.6-1.el6_3
            oval oval:com.redhat.rhsa:tst:20121088012
          • comment xulrunner is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100861006
        • AND
          • comment xulrunner-devel is earlier than 0:10.0.6-1.el6_3
            oval oval:com.redhat.rhsa:tst:20121088014
          • comment xulrunner-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100861008
        • AND
          • comment firefox is earlier than 0:10.0.6-1.el6_3
            oval oval:com.redhat.rhsa:tst:20121088016
          • comment firefox is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100861010
    rhsa
    id RHSA-2012:1088
    released 2012-07-17
    severity Critical
    title RHSA-2012:1088: firefox security update (Critical)
  • bugzilla
    id 840259
    title CVE-2012-1967 Mozilla: Code execution through javascript: URLs (MFSA 2012-56)
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • comment thunderbird is earlier than 0:10.0.6-1.el5_8
        oval oval:com.redhat.rhsa:tst:20121089002
      • comment thunderbird is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20070108003
    • AND
      • comment thunderbird is earlier than 0:10.0.6-1.el6_3
        oval oval:com.redhat.rhsa:tst:20121089008
      • comment thunderbird is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100896006
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
    rhsa
    id RHSA-2012:1089
    released 2012-07-17
    severity Critical
    title RHSA-2012:1089: thunderbird security update (Critical)
rpms
  • xulrunner-0:10.0.6-2.el5_8
  • xulrunner-devel-0:10.0.6-2.el5_8
  • firefox-0:10.0.6-1.el5_8
  • xulrunner-0:10.0.6-1.el6_3
  • xulrunner-devel-0:10.0.6-1.el6_3
  • firefox-0:10.0.6-1.el6_3
  • thunderbird-0:10.0.6-1.el5_8
  • thunderbird-0:10.0.6-1.el6_3
refmap via4
bid 54573
confirm
debian
  • DSA-2514
  • DSA-2528
osvdb 84013
sectrack
  • 1027256
  • 1027257
  • 1027258
secunia
  • 49963
  • 49964
  • 49965
  • 49968
  • 49972
  • 49977
  • 49979
  • 49992
  • 49993
  • 49994
suse
  • SUSE-SU-2012:0895
  • SUSE-SU-2012:0896
  • openSUSE-SU-2012:0899
  • openSUSE-SU-2012:0917
ubuntu
  • USN-1509-1
  • USN-1509-2
  • USN-1510-1
Last major update 29-12-2017 - 02:29
Published 18-07-2012 - 10:26
Back to Top