Ubuntu Security Notice (C) 2012-2013 Canonical, Inc. / NASL script (C) 2012-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Mariusz Mlynski and others discovered several flaws in Firefox that
allowed a remote attacker to conduct cross-site scripting (XSS)
attacks. (CVE-2012-4194, CVE-2012-4195)
Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled
the Location object. If a user were tricked into opening a specially
crafted page, a remote attacker could exploit this to bypass security
protections and perform cross-origin reading of the Location object.
Update the affected firefox package.
Risk factor :
Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 4.4
Public Exploit Available : true
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 62733 ()
Bugtraq ID: 5630156302
CVE ID: CVE-2012-4194CVE-2012-4195CVE-2012-4196
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.