← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

PublicDateAtUSN: 2012-11-21
Candidate: CVE-2012-4210
PublicDate: 2012-11-21
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4210
 http://www.ubuntu.com/usn/usn-1638-1
 http://www.mozilla.org/security/announce/2012/mfsa2012-104.html
Description:
 The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x
 before 10.0.11 does not properly restrict the context of HTML markup and
 Cascading Style Sheets (CSS) token sequences, which allows user-assisted
 remote attackers to execute arbitrary JavaScript code with chrome
 privileges via a crafted stylesheet.
Ubuntu-Description: 
Notes: 
 jdstrand> xulrunner-1.9.2 unmaintained upstream (see README.mozilla for
  details)
 micahg> Firefox only per MFSA
Bugs: 
Priority: medium
Discovered-by:
Assigned-to:

Patches_firefox:
upstream_firefox: needs-triage
hardy_firefox: ignored (reached end-of-life)
lucid_firefox: released (17.0+build2-0ubuntu0.10.04.1)
oneiric_firefox: released (17.0+build2-0ubuntu0.11.10.1)
precise_firefox: released (17.0+build2-0ubuntu0.12.04.1)
quantal_firefox: released (17.0+build2-0ubuntu0.12.10.1)
raring_firefox: not-affected (18.0~b2+build1-0ubuntu1)
saucy_firefox: not-affected (18.0~b2+build1-0ubuntu1)
devel_firefox: not-affected (18.0~b2+build1-0ubuntu1)

Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: needs-triage
hardy_xulrunner-1.9.2: ignored (reached end-of-life)
lucid_xulrunner-1.9.2: ignored (see notes)
oneiric_xulrunner-1.9.2: DNE
precise_xulrunner-1.9.2: DNE
quantal_xulrunner-1.9.2: DNE
raring_xulrunner-1.9.2: DNE
saucy_xulrunner-1.9.2: DNE
devel_xulrunner-1.9.2: DNE

Patches_xulrunner-2.0:
upstream_xulrunner-2.0: needs-triage
hardy_xulrunner-2.0: DNE
lucid_xulrunner-2.0: DNE
oneiric_xulrunner-2.0: DNE
precise_xulrunner-2.0: DNE
quantal_xulrunner-2.0: DNE
raring_xulrunner-2.0: DNE
saucy_xulrunner-2.0: DNE
devel_xulrunner-2.0: DNE


Patches_seamonkey:
upstream_seamonkey: needs-triage
hardy_seamonkey: ignored (reached end-of-life)
lucid_seamonkey: ignored (reached end-of-life)
oneiric_seamonkey: ignored (reached end-of-life)
precise_seamonkey: DNE
quantal_seamonkey: DNE
raring_seamonkey: DNE
saucy_seamonkey: DNE
devel_seamonkey: DNE


Patches_thunderbird:
upstream_thunderbird: not-affected
hardy_thunderbird: ignored (reached end-of-life)
lucid_thunderbird: not-affected
oneiric_thunderbird: not-affected
precise_thunderbird: not-affected
quantal_thunderbird: not-affected
raring_thunderbird: not-affected
saucy_thunderbird: not-affected
devel_thunderbird: not-affected