CVE-2012-4209
Scores
EPSS
0.000none0.0%
0%20%40%60%80%100%
Percentile: 0.0%
CVSS
4.3medium2.0
0246810
CVSS Score: 4.3/10
All CVSS Scores
CVSS 2.0
4.3Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Medium
Describes the conditions beyond the attacker's control
AC:M
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
None (N)
Measures the impact to the confidentiality of information
C:N
Integrity Impact
Partial
Measures the impact to integrity of a successfully exploited vulnerability
I:P
Availability Impact
None (N)
Measures the impact to the availability of the impacted component
A:N
Description
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a “top” frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
debiannvdubuntu
CWEs
CWE-79
Vulnerable Software (23)
Type: Configuration
Product: firefox
Operating System: ubuntu hardy 8.04
Trait:
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Product: iceape
Operating System: debian
Trait:
{ "fixed": "2.7.11-1"}
Source: debian
Type: Configuration
Product: iceape
Operating System: debian squeeze 6
Trait:
{ "unaffected": true}
Source: debian
Type: Configuration
Product: icedove
Operating System: debian
Trait:
{ "fixed": "10.0.11-1"}
Source: debian
Type: Configuration
Product: icedove
Operating System: debian squeeze 6
Trait:
{ "unaffected": true}
Source: debian
Type: Configuration
Product: iceweasel
Operating System: debian
Trait:
{ "fixed": "10.0.11esr-1"}
Source: debian
Type: Configuration
Product: iceweasel
Operating System: debian squeeze 6
Trait:
{ "unaffected": true}
Source: debian
Type: Configuration
Product: seamonkey
Operating System: ubuntu hardy 8.04
Trait:
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Product: thunderbird
Operating System: ubuntu hardy 8.04
Trait:
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Product: xulrunner-1.9.2
Operating System: ubuntu hardy 8.04
Trait:
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Vendor: canonical
Product: ubuntu_linux
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: mozilla
Product: firefox
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.14", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: mozilla
Product: seamonkey
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.14", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: mozilla
Product: thunderbird
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.14", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: mozilla
Product: thunderbird_esr
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.14", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: opensuse
Product: opensuse
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", ...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: redhat
Product: enterprise_linux_desktop
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_des...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: redhat
Product: enterprise_linux_eus
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_des...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: redhat
Product: enterprise_linux_server
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_des...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: redhat
Product: enterprise_linux_workstation
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_des...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: suse
Product: linux_enterprise_desktop
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", ...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: suse
Product: linux_enterprise_server
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", ...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: suse
Product: linux_enterprise_software_development_kit
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", ...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd