CVE-2012-3973

Priority
Description
The debugger in the developer-tools subsystem in Mozilla Firefox before
15.0, when remote debugging is disabled, does not properly restrict access
to the remote-debugging service, which allows remote attackers to execute
arbitrary code by leveraging the presence of the HTTPMonitor extension and
connecting to that service through the HTTPMonitor port.
Notes
micahgper upstream MFSA, only affects Firefox
Package
Upstream:released (15.0)
Package
Upstream:needs-triage
Package
Upstream:not-affected
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-12-05 20:59:51 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)