CVE-2012-0445 — Mozilla Seamonkey vulnerability

CWE-2647 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.5%

top 32.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Seamonkey Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedFeb 1

Latest updateMay 4

Description

Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDmozilla/seamonkey2.7+57

▶NVDmozilla/firefox11 versions+10

▶NVDmozilla/thunderbird7 versions+6

🔴Vulnerability Details

GHSA

GHSA-c436-xm59-5fhc: Mozilla Firefox 4↗2022-05-04

▶

CVEList

CVE-2012-0445: Mozilla Firefox 4↗2012-02-01

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2012-02-17

▶

Ubuntu

Mozvoikko update↗2012-02-03

▶

Ubuntu

ubufox and webfav update↗2012-02-03

▶

Ubuntu

Firefox vulnerabilities↗2012-02-03

▶