Vulnerability DatabaseCVE-2012-1955
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2012-1955
July 18, 2012
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.
Related ResourcesĀ (26)
http://secunia.com/advisories/49979
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17004
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
http://secunia.com/advisories/49968
http://secunia.com/advisories/49977
http://secunia.com/advisories/49993
http://www.ubuntu.com/usn/USN-1509-2
https://bugzilla.mozilla.org/show_bug.cgi?id=757376
http://secunia.com/advisories/49992
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
http://www.securitytracker.com/id?1027256
http://www.securitytracker.com/id?1027258
http://secunia.com/advisories/49965
http://secunia.com/advisories/49994
http://www.ubuntu.com/usn/USN-1510-1
http://rhn.redhat.com/errata/RHSA-2012-1088.html
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
http://www.mozilla.org/security/announce/2012/mfsa2012-45.html
http://www.securitytracker.com/id?1027257
http://secunia.com/advisories/49972
http://www.ubuntu.com/usn/USN-1509-1
https://access.redhat.com/security/cve/CVE-2012-1955
http://osvdb.org/83996
https://people.canonical.com/~ubuntu-security/cve/CVE-2012-1955
http://www.securityfocus.com/bid/54586
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
CVSS v2
Base Score:
6.8
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
EPSS
Base Score:
2.58