1
PublicDateAtUSN: 2012-10-26
2
Candidate: CVE-2012-4196
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4196
6
http://www.mozilla.org/security/announce/2012/mfsa2012-90.html
7
https://usn.ubuntu.com/usn/usn-1620-1
8
https://usn.ubuntu.com/usn/usn-1620-2
10
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird
11
before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before
12
2.13.2 allow remote attackers to bypass the Same Origin Policy and read the
13
Location object via a prototype property-injection attack that defeats
14
certain protection mechanisms for this object.
17
jdstrand> xulrunner-1.9.2 unmaintained upstream (see README.mozilla for
20
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1071392
22
Discovered-by: Antoine Delignat-Lavaud
26
upstream_firefox: released (16.0.2)
27
hardy_firefox: ignored (reached end-of-life)
28
lucid_firefox: released (16.0.2+build1-0ubuntu0.10.04.1)
29
natty_firefox: released (16.0.2+build1-0ubuntu0.11.04.1)
30
oneiric_firefox: released (16.0.2+build1-0ubuntu0.11.10.1)
31
precise_firefox: released (16.0.2+build1-0ubuntu0.12.04.1)
32
quantal_firefox: released (16.0.2+build1-0ubuntu0.12.10.1)
33
raring_firefox: released (17.0~b1+build1-0ubuntu1)
34
saucy_firefox: released (17.0~b1+build1-0ubuntu1)
35
devel_firefox: released (17.0~b1+build1-0ubuntu1)
37
Tags_xulrunner-1.9.2_natty: universe-binary
38
Patches_xulrunner-1.9.2:
39
upstream_xulrunner-1.9.2: needs-triage
40
hardy_xulrunner-1.9.2: ignored (reached end-of-life)
41
lucid_xulrunner-1.9.2: ignored (see notes)
42
natty_xulrunner-1.9.2: ignored
43
oneiric_xulrunner-1.9.2: DNE
44
precise_xulrunner-1.9.2: DNE
45
quantal_xulrunner-1.9.2: DNE
46
raring_xulrunner-1.9.2: DNE
47
saucy_xulrunner-1.9.2: DNE
48
devel_xulrunner-1.9.2: DNE
50
Patches_xulrunner-2.0:
51
upstream_xulrunner-2.0: needs-triage
52
hardy_xulrunner-2.0: DNE
53
lucid_xulrunner-2.0: DNE
54
natty_xulrunner-2.0: ignored (does not process internet content)
55
oneiric_xulrunner-2.0: DNE
56
precise_xulrunner-2.0: DNE
57
quantal_xulrunner-2.0: DNE
58
raring_xulrunner-2.0: DNE
59
saucy_xulrunner-2.0: DNE
60
devel_xulrunner-2.0: DNE
64
upstream_seamonkey: released (2.13.2)
65
hardy_seamonkey: ignored (reached end-of-life)
66
lucid_seamonkey: ignored (reached end-of-life)
67
natty_seamonkey: ignored (reached end-of-life)
68
oneiric_seamonkey: ignored (reached end-of-life)
69
precise_seamonkey: DNE
70
quantal_seamonkey: DNE
77
upstream_thunderbird: released (16.0.2)
78
hardy_thunderbird: ignored (reached end-of-life)
79
lucid_thunderbird: released (16.0.2+build1-0ubuntu0.10.04.1)
80
natty_thunderbird: ignored (reached end-of-life)
81
oneiric_thunderbird: released (16.0.2+build1-0ubuntu0.11.10.1)
82
precise_thunderbird: released (16.0.2+build1-0ubuntu0.12.04.1)
83
quantal_thunderbird: released (16.0.2+build1-0ubuntu0.12.10.1)
84
raring_thunderbird: released (17.0~b3+build1-0ubuntu1)
85
saucy_thunderbird: released (17.0~b3+build1-0ubuntu1)
86
devel_thunderbird: released (17.0~b3+build1-0ubuntu1)