CVE-2012-4210
N/A
N/A
Summary
The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.ubuntu.com/usn/USN-1638-3
- http://www.ubuntu.com/usn/USN-1638-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80182
- http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html
- http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html
- http://www.securityfocus.com/bid/56646
- http://www.palemoon.org/releasenotes-ng.shtml
- http://rhn.redhat.com/errata/RHSA-2012-1482.html
- http://secunia.com/advisories/51434
- http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html
- http://secunia.com/advisories/51439
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16833
- http://www.ubuntu.com/usn/USN-1638-1
- http://www.mozilla.org/security/announce/2012/mfsa2012-104.html
- http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html
- http://secunia.com/advisories/51359
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:173
- http://secunia.com/advisories/51369
- https://bugzilla.mozilla.org/show_bug.cgi?id=796866
References
- http://www.ubuntu.com/usn/USN-1638-3
- http://www.ubuntu.com/usn/USN-1638-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80182
- http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html
- http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html
- http://www.securityfocus.com/bid/56646
- http://www.palemoon.org/releasenotes-ng.shtml
- http://rhn.redhat.com/errata/RHSA-2012-1482.html
- http://secunia.com/advisories/51434
- http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html
- http://secunia.com/advisories/51439
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16833
- http://www.ubuntu.com/usn/USN-1638-1
- http://www.mozilla.org/security/announce/2012/mfsa2012-104.html
- http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html
- http://secunia.com/advisories/51359
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:173
- http://secunia.com/advisories/51369
- https://bugzilla.mozilla.org/show_bug.cgi?id=796866
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.