[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Arbitrary code execution vulnerability in web console in Mozilla Firefox and Thunderbird via a crafted web site that injects this code and triggers an eval operation (Mac OS X)

ID: oval:org.secpod.oval:def:6904Date: (C)2012-09-06   (M)2023-11-19
Class: VULNERABILITYFamily: macos




The host is installed with Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, or Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to properly handle a crafted web site that injects this code and triggers an eval operation. Successful exploitation could allow attackers to execute arbitrary JavaScript code.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.13
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Product:
Mozilla Firefox
Mozilla Thunderbird
Reference:
CVE-2012-3980
CVE    1
CVE-2012-3980
CPE    251
cpe:/a:mozilla:firefox:14.0
cpe:/a:mozilla:firefox:1.5:beta2
cpe:/a:mozilla:thunderbird:11.0
cpe:/a:mozilla:firefox:1.5:beta1
...

© SecPod Technologies