CVE-2012-1957 (retired)

Priority
Description
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0,
Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird
ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle
EMBED elements within description elements in RSS feeds, which allows
remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
Package
Upstream:released (14)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (14.0.1+build1-0ubuntu2)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (14)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (14.0+build1-0ubuntu2)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-26 12:01:36 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)