Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3992 Security Vulnerability

Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a security vulnerability that occurs due to the spoofing of a location property.

A successful exploit will result in injecting a script or intercepting posted data to a location specified with a relative path.

Note: This issue was previously discussed in BID 55856 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-74 through -87 Multiple Vulnerabilities), but have been moved to their own record to better document it.

This issue is fixed in:

Firefox 16
Firefox ESR 10.0.8
Thunderbird 16
Thunderbird ESR 10.0.8
SeaMonkey 2.13


Privacy Statement
Copyright 2010, SecurityFocus