CVE-2012-1961 (retired)

Priority
Description
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6,
Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and
SeaMonkey before 2.11 do not properly handle duplicate values in
X-Frame-Options headers, which makes it easier for remote attackers to
conduct clickjacking attacks via a FRAME element referencing a web site
that produces these duplicate values.
Package
Upstream:released (14)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (14.0.1+build1-0ubuntu2)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (14)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (14.0+build1-0ubuntu2)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-26 12:01:36 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)