CVE-2012-4194
- EPSS 2.84%
- Veröffentlicht 29.10.2012 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:44:34
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), ...
CVE-2012-4195
- EPSS 1.9%
- Veröffentlicht 29.10.2012 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:44:34
The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and prin...
CVE-2012-4196
- EPSS 3.29%
- Veröffentlicht 29.10.2012 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:44:35
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a pro...
CVE-2012-4193
- EPSS 1.16%
- Veröffentlicht 12.10.2012 10:44:20
- Zuletzt bearbeitet 16.06.2026 23:44:34
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, w...
CVE-2012-3992
- EPSS 2.51%
- Veröffentlicht 10.10.2012 17:55:02
- Zuletzt bearbeitet 16.06.2026 23:44:13
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XS...
CVE-2012-3993
- EPSS 42.61%
- Veröffentlicht 10.10.2012 17:55:02
- Zuletzt bearbeitet 16.06.2026 23:44:13
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallT...
CVE-2012-3994
- EPSS 2.39%
- Veröffentlicht 10.10.2012 17:55:02
- Zuletzt bearbeitet 16.06.2026 23:44:14
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Obj...
CVE-2012-3995
- EPSS 5.02%
- Veröffentlicht 10.10.2012 17:55:02
- Zuletzt bearbeitet 16.06.2026 23:44:14
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a den...
CVE-2012-4179
- EPSS 4.73%
- Veröffentlicht 10.10.2012 17:55:02
- Zuletzt bearbeitet 16.06.2026 23:44:32
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote att...
CVE-2012-4180
- EPSS 9.27%
- Veröffentlicht 10.10.2012 17:55:02
- Zuletzt bearbeitet 16.06.2026 23:44:32
Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote a...