CVE-2012-0475

Priority
Description
Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and
SeaMonkey before 2.9 do not properly construct the Origin and
Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to
bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2)
WebSocket operation involving a nonstandard port number and an IPv6 address
that contains certain zero fields.
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (12.0+build1-0ubuntu0.12.04.1)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (12.0.1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (15.0+build1-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-19 12:02:45 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)