CVE-2012-4208 (retired)

Priority
Description
The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird
before 17.0, and SeaMonkey before 2.14 does not consider the compartment
during property filtering, which allows remote attackers to bypass intended
chrome-only restrictions on reading DOM object properties via a crafted web
site.
Notes
 jdstrand> xulrunner-1.9.2 unmaintained upstream (see README.mozilla for
  details)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-09-19 15:41:43 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)