CVE-2012-0460

Priority
Medium
Description
Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3,
Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and
SeaMonkey before 2.8 do not properly restrict write access to the
window.fullScreen object, which allows remote attackers to spoof the user
interface via a crafted web page.
References
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-15 19:39:08 UTC (commit 9690)