CVE-2012-0475 (retired)

Priority
Description
Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and
SeaMonkey before 2.9 do not properly construct the Origin and
Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to
bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2)
WebSocket operation involving a nonstandard port number and an IPv6 address
that contains certain zero fields.
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (12.0+build1-0ubuntu0.12.04.1)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (12.0.1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (15.0+build1-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-26 12:00:21 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)