CVE-2012-1966

MEDIUM

Description

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

ID	Name	Product	Family	Severity
80787	Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird7)	Nessus	Solaris Local Security Checks	critical
74693	openSUSE Security Update : xulrunner (openSUSE-SU-2012:0924-1)	Nessus	SuSE Local Security Checks	critical
74687	openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:0899-1)	Nessus	SuSE Local Security Checks	critical
68578	Oracle Linux 5 / 6 : firefox (ELSA-2012-1088)	Nessus	Oracle Linux Local Security Checks	critical
64131	SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 6574)	Nessus	SuSE Local Security Checks	critical
63402	GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)	Nessus	Gentoo Local Security Checks	critical
61963	Mandriva Linux Security Advisory : mozilla (MDVSA-2012:110-1)	Nessus	Mandriva Local Security Checks	critical
61402	FreeBSD : mozilla -- multiple vulnerabilities (dbf338d0-dce5-11e1-b655-14dae9ebcf89)	Nessus	FreeBSD Local Security Checks	critical
61364	Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20120717)	Nessus	Scientific Linux Local Security Checks	critical
801282	Mozilla Firefox 13.x < 13 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
60092	SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8226)	Nessus	SuSE Local Security Checks	critical
6519	Mozilla Firefox < 14.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
60043	Firefox < 14.0 Multiple Vulnerabilities	Nessus	Windows	critical
60042	Firefox 10.0.x < 10.0.6 Multiple Vulnerabilities	Nessus	Windows	critical
60039	Firefox < 14.0 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
60038	Firefox < 10.0.6 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
60013	Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : ubufox update (USN-1509-2)	Nessus	Ubuntu Local Security Checks	critical
60012	Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1509-1)	Nessus	Ubuntu Local Security Checks	critical
60008	RHEL 5 / 6 : firefox (RHSA-2012:1088)	Nessus	Red Hat Local Security Checks	critical
60005	Debian DSA-2514-1 : iceweasel - several vulnerabilities	Nessus	Debian Local Security Checks	critical
59998	CentOS 5 / 6 : firefox (CESA-2012:1088)	Nessus	CentOS Local Security Checks	critical

CVE-2012-1966

Description

References

Details

Risk Information

CVSS v2.0