1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
PublicDateAtUSN: 2012-07-17
Candidate: CVE-2012-1967
PublicDate: 2012-07-18
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1967
http://www.mozilla.org/security/announce/2012/mfsa2012-56.html
http://www.ubuntu.com/usn/usn-1509-1
http://www.ubuntu.com/usn/usn-1510-1
Description:
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6,
Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and
SeaMonkey before 2.11 do not properly implement the JavaScript sandbox
utility, which allows remote attackers to execute arbitrary JavaScript code
with improper privileges via a javascript: URL.
Ubuntu-Description:
Notes:
Bugs:
https://bugzilla.mozilla.org/show_bug.cgi?id=758344
Priority: medium
Discovered-by:
Assigned-to:
Patches_firefox:
upstream_firefox: released (14)
hardy_firefox: ignored (reached end-of-life)
lucid_firefox: released (14.0.1+build1-0ubuntu0.10.04.1)
natty_firefox: released (14.0.1+build1-0ubuntu0.11.04.1)
oneiric_firefox: released (14.0.1+build1-0ubuntu0.11.10.1)
precise_firefox: released (14.0.1+build1-0ubuntu0.12.04.1)
quantal_firefox: not-affected (14.0.1+build1-0ubuntu2)
raring_firefox: not-affected (14.0.1+build1-0ubuntu2)
saucy_firefox: not-affected (14.0.1+build1-0ubuntu2)
devel_firefox: not-affected (14.0.1+build1-0ubuntu2)
Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: needs-triage
hardy_xulrunner-1.9.2: ignored (reached end-of-life)
lucid_xulrunner-1.9.2: ignored (see notes)
natty_xulrunner-1.9.2: ignored (universe-binary)
oneiric_xulrunner-1.9.2: DNE
precise_xulrunner-1.9.2: DNE
quantal_xulrunner-1.9.2: DNE
raring_xulrunner-1.9.2: DNE
saucy_xulrunner-1.9.2: DNE
devel_xulrunner-1.9.2: DNE
Patches_xulrunner-2.0:
upstream_xulrunner-2.0: needs-triage
hardy_xulrunner-2.0: DNE
lucid_xulrunner-2.0: DNE
natty_xulrunner-2.0: ignored (does not process internet content)
oneiric_xulrunner-2.0: DNE
precise_xulrunner-2.0: DNE
quantal_xulrunner-2.0: DNE
raring_xulrunner-2.0: DNE
saucy_xulrunner-2.0: DNE
devel_xulrunner-2.0: DNE
Patches_seamonkey:
upstream_seamonkey: needs-triage
hardy_seamonkey: ignored (reached end-of-life)
lucid_seamonkey: ignored (reached end-of-life)
natty_seamonkey: ignored (reached end-of-life)
oneiric_seamonkey: ignored (reached end-of-life)
precise_seamonkey: DNE
quantal_seamonkey: DNE
raring_seamonkey: DNE
saucy_seamonkey: DNE
devel_seamonkey: DNE
Patches_thunderbird:
upstream_thunderbird: released (14)
hardy_thunderbird: ignored (reached end-of-life)
lucid_thunderbird: released (14.0+build1-0ubuntu0.10.04.1)
natty_thunderbird: released (14.0+build1-0ubuntu0.11.04.1)
oneiric_thunderbird: released (14.0+build1-0ubuntu0.11.10.1)
precise_thunderbird: released (14.0+build1-0ubuntu0.12.04.1)
quantal_thunderbird: not-affected (14.0+build1-0ubuntu2)
raring_thunderbird: not-affected (14.0+build1-0ubuntu2)
saucy_thunderbird: not-affected (14.0+build1-0ubuntu2)
devel_thunderbird: not-affected (14.0+build1-0ubuntu2)
|