CVE-2012-0455 – Mozilla: XSS with Drag and Drop and Javascript: URL (MFSA 2012-13)
https://notcve.org/view.php?id=CVE-2012-0455
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue. Mozilla Firefox antes de v3.6.28 y v4.x hasta v10.0, Firefox ESR v10.x antes de v10.0.3, Thunderbird antes de v3.1.20 y v5.0 hasta v10.0, Thunderbird ESR v10.x antes de v10.0.3, y SeaMonkey antes de v2.8 no restringen adecuadamente arrastrar y soltar en javascript: URLs, lo que permite a atacantes remotos asistidos por el usuario realizar ataques de ejecución de secuencias de comandos en sitios cruzados a través de una página web modificada, relacionado con un problema "DragAndDropJacking". • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html http://rhn.redhat.com/errata/RHSA-2012-0387.html http://rhn.redhat.com/errata/RHSA-2012-0388.html http://secunia.com/advisories/48359 http://secunia.com/advisories/48402 http://secunia.com/advisories/48414 http://secunia.com/advisories/48495 http://secunia.com/advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-0456 – Mozilla: SVG issues found with Address Sanitizer (MFSA 2012-14)
https://notcve.org/view.php?id=CVE-2012-0456
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read. La implementación de filtros SVG en Mozilla Firefox antes de v3.6.28 y v4.x hasta v10.0, Firefox ESR v10.x antes de v10.0.3, Thunderbird antes de v3.1.20 y v5.0 hasta v10.0, v10.x Thunderbird ESR antes de v10.0.3, y SeaMonkey antes de v2.8 podría permitir a atacantes remotos obtener información sensible de la memoria del proceso a través de vectores que provocan una lectura fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html http://rhn.redhat.com/errata/RHSA-2012-0387.html http://rhn.redhat.com/errata/RHSA-2012-0388.html http://secunia.com/advisories/48359 http://secunia.com/advisories/48402 http://secunia.com/advisories/48414 http://secunia.com/advisories/48495 http://secunia.com/advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2012-0458 – Mozilla: Escalation of privilege with Javascript: URL as home page (MFSA 2012-16)
https://notcve.org/view.php?id=CVE-2012-0458
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context. Mozilla Firefox antes de v3.6.28 y v4.x hasta v10.0, Firefox ESR v10.x antes de v10.0.3, Thunderbird antes de v3.1.20 y v5.0 hasta v10.0, Thunderbird ESR v10.x antes de v10.0.3, y SeaMonkey antes de v2.8 no restringen adecuadamente establecer la página principal a través del arrastre de una dirección URL hacia el botón de inicio, lo que permite a atacantes remotos asistidos por el usuario ejecutar código JavaScript arbitrario con privilegios de chrome a través de un javascript: URL que luego se interpreta en el ??contexto about:sessionrestore. • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html http://rhn.redhat.com/errata/RHSA-2012-0387.html http://rhn.redhat.com/errata/RHSA-2012-0388.html http://secunia.com/advisories/48359 http://secunia.com/advisories/48402 http://secunia.com/advisories/48414 http://secunia.com/advisories/48495 http://secunia.com/advisories • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0452
https://notcve.org/view.php?id=CVE-2012-0452
Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding. Vulnerabilidad de uso después de liberar en Mozilla Firefox v10.x anteriores a v10.0.1, Thunderbird v10.x anteriores a v10.0.1, y SeaMonkey v2.7 permite a usuarios remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su eleccion a través de vectores que disparan fallos en la llamada a la función nsXBLDocumentInfo::ReadPrototypeBindings, relativo al acceso periódico al colector de tabla hash que contienen un enlace viejo. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00013.html http://secunia.com/advisories/48110 http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:017 http://www.mandriva.com/security/advisories?name=MDVSA-2012:018 http://www.mozilla.org/security/announce/2012/mfsa2012-10.html http://www.securityfocus.com/bid/51975 http://www.ubuntu.com/usn/USN-1360-1 • CWE-399: Resource Management Errors •
CVE-2012-0445
https://notcve.org/view.php?id=CVE-2012-0445
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute. Mozilla Firefox 4.x hasta la versión 9.0, Thunderbird 5.0 hasta la 9.0 y SeaMonkey anteriores a la 2.7 permiten a atacantes remotos evitar la política de "frame-navigation" HTML5 y reemplazar sub-frames arbitrarios creando un objetivo de envío de formulario ("form submission target") con un atributo de nombre de sub-frame. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://osvdb.org/78735 http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-03.html http://www.securityfocus.com/bid/51765 https://bugzilla.mozilla.org/show_bug.cgi?id=701071 https://exchange.xforce.ibmcloud.com/vulnerabilities/72835 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef • CWE-264: Permissions, Privileges, and Access Controls •