CVE-2012-0458 – Mozilla: Escalation of privilege with Javascript: URL as home page (MFSA 2012-16)
https://notcve.org/view.php?id=CVE-2012-0458
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context. Mozilla Firefox antes de v3.6.28 y v4.x hasta v10.0, Firefox ESR v10.x antes de v10.0.3, Thunderbird antes de v3.1.20 y v5.0 hasta v10.0, Thunderbird ESR v10.x antes de v10.0.3, y SeaMonkey antes de v2.8 no restringen adecuadamente establecer la página principal a través del arrastre de una dirección URL hacia el botón de inicio, lo que permite a atacantes remotos asistidos por el usuario ejecutar código JavaScript arbitrario con privilegios de chrome a través de un javascript: URL que luego se interpreta en el ??contexto about:sessionrestore. • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html http://rhn.redhat.com/errata/RHSA-2012-0387.html http://rhn.redhat.com/errata/RHSA-2012-0388.html http://secunia.com/advisories/48359 http://secunia.com/advisories/48402 http://secunia.com/advisories/48414 http://secunia.com/advisories/48495 http://secunia.com/advisories • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0452
https://notcve.org/view.php?id=CVE-2012-0452
Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding. Vulnerabilidad de uso después de liberar en Mozilla Firefox v10.x anteriores a v10.0.1, Thunderbird v10.x anteriores a v10.0.1, y SeaMonkey v2.7 permite a usuarios remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su eleccion a través de vectores que disparan fallos en la llamada a la función nsXBLDocumentInfo::ReadPrototypeBindings, relativo al acceso periódico al colector de tabla hash que contienen un enlace viejo. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00013.html http://secunia.com/advisories/48110 http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:017 http://www.mandriva.com/security/advisories?name=MDVSA-2012:018 http://www.mozilla.org/security/announce/2012/mfsa2012-10.html http://www.securityfocus.com/bid/51975 http://www.ubuntu.com/usn/USN-1360-1 • CWE-399: Resource Management Errors •
CVE-2012-0445
https://notcve.org/view.php?id=CVE-2012-0445
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute. Mozilla Firefox 4.x hasta la versión 9.0, Thunderbird 5.0 hasta la 9.0 y SeaMonkey anteriores a la 2.7 permiten a atacantes remotos evitar la política de "frame-navigation" HTML5 y reemplazar sub-frames arbitrarios creando un objetivo de envío de formulario ("form submission target") con un atributo de nombre de sub-frame. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://osvdb.org/78735 http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-03.html http://www.securityfocus.com/bid/51765 https://bugzilla.mozilla.org/show_bug.cgi?id=701071 https://exchange.xforce.ibmcloud.com/vulnerabilities/72835 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0446
https://notcve.org/view.php?id=CVE-2012-0446
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects. Múltiples vuelnerabilidades de ejccución de secuencias de comandos en sitios cruzados en Mozilla Firefox v4.x hasta v9.0, Thunderbird v5.0 hasta v9.0, y SeaMonkey antes de v2.7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un (1) pagina web o (2) extensión de Firefox, relacionados con la aplicación incorrecta de las restricciones de seguridad XPConnect de secuencias de comandos de tramas que llaman a objetos que no son de confianza. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-05.html http://www.securityfocus.com/bid/51752 https://bugzilla.mozilla.org/show_bug.cgi?id=705651 https://exchange.xforce.ibmcloud.com/vulnerabilities/72837 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14304 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-0450
https://notcve.org/view.php?id=CVE-2012-0450
Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations. Mozilla Firefox 4.x hasta la versión 9.0 y SeaMonkey anteriores a la 2.7 en Linux y Mac OS X establecen permisos débiles para Firefox Recovery Key.html, lo que puede permitir a usuarios locales leer una clave Firefox Sync a través de un operación del sistema de archivos estándar. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://osvdb.org/78741 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-09.html https://bugzilla.mozilla.org/show_bug.cgi?id=716868 https://exchange.xforce.ibmcloud.com/vulnerabilities/72869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14670 • CWE-264: Permissions, Privileges, and Access Controls •