Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3992 Security Vulnerability
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a security vulnerability that occurs due to the spoofing of a location property.
A successful exploit will result in injecting a script or intercepting posted data to a location specified with a relative path.
Note: This issue was previously discussed in BID 55856 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-74 through -87 Multiple Vulnerabilities), but have been moved to their own record to better document it.
This issue is fixed in:
Firefox ESR 10.0.8
Thunderbird ESR 10.0.8