CVE-2012-1966 (retired)

Priority
Description
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not
have the same context-menu restrictions for data: URLs as for javascript:
URLs, which allows remote attackers to conduct cross-site scripting (XSS)
attacks via a crafted URL.
Package
Upstream:released (14)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (14.0.1+build1-0ubuntu2)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-26 12:01:37 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)