4
CVE-2012-1964
- EPSS 0.9%
- Veröffentlicht 18.07.2012 10:26:49
- Zuletzt bearbeitet 16.06.2026 23:40:41
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version5.0
Mozilla ≫ Thunderbird Version6.0
Mozilla ≫ Thunderbird Version6.0.1
Mozilla ≫ Thunderbird Version6.0.2
Mozilla ≫ Thunderbird Version7.0
Mozilla ≫ Thunderbird Version7.0.1
Mozilla ≫ Thunderbird Version8.0
Mozilla ≫ Thunderbird Version9.0
Mozilla ≫ Thunderbird Version9.0.1
Mozilla ≫ Thunderbird Version10.0
Mozilla ≫ Thunderbird Version10.0.1
Mozilla ≫ Thunderbird Version10.0.2
Mozilla ≫ Thunderbird Version10.0.3
Mozilla ≫ Thunderbird Version10.0.4
Mozilla ≫ Thunderbird Version11.0
Mozilla ≫ Thunderbird Version12.0
Mozilla ≫ Thunderbird Version13.0
Mozilla ≫ Thunderbird Esr Version10.0
Mozilla ≫ Thunderbird Esr Version10.0.1
Mozilla ≫ Thunderbird Esr Version10.0.2
Mozilla ≫ Thunderbird Esr Version10.0.3
Mozilla ≫ Thunderbird Esr Version10.0.4
Mozilla ≫ Thunderbird Esr Version10.0.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.9% | 0.549 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 4.9 | 4.9 |
AV:N/AC:H/Au:N/C:P/I:P/A:N
|
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
http://rhn.redhat.com/errata/RHSA-2012-1088.html
http://secunia.com/advisories/49965
http://secunia.com/advisories/49972
http://secunia.com/advisories/49977
http://secunia.com/advisories/49979
http://secunia.com/advisories/49992
http://secunia.com/advisories/49993
http://secunia.com/advisories/49994
http://www.ubuntu.com/usn/USN-1509-1
http://www.ubuntu.com/usn/USN-1509-2
http://osvdb.org/84011
http://www.mozilla.org/security/announce/2012/mfsa2012-54.html
http://www.securityfocus.com/bid/54581
https://bugzilla.mozilla.org/show_bug.cgi?id=633691
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16783