Published: 14/03/2012 Updated: 18/01/2018

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Mozilla Firefox 4.x up to and including 10.0, Firefox ESR 10.x prior to 10.0.3, Thunderbird 5.0 up to and including 10.0, Thunderbird ESR 10.x prior to 10.0.3, and SeaMonkey prior to 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote malicious users to spoof the user interface via a crafted web page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 4.0
mozilla firefox 5.0
mozilla firefox 8.0
mozilla firefox 8.0.1
mozilla firefox 4.0.1
mozilla firefox 6.0.2
mozilla firefox 6.0.1
mozilla firefox 5.0.1
mozilla firefox 6.0
mozilla firefox 9.0.1
mozilla firefox 9.0
mozilla firefox 7.0.1
mozilla firefox 7.0
mozilla firefox esr 10.0
mozilla firefox esr 10.1
mozilla firefox esr 10.2
mozilla thunderbird 5.0
mozilla thunderbird 6.0
mozilla thunderbird 9.0.1
mozilla thunderbird 7.0
mozilla thunderbird 7.0.1
mozilla thunderbird 6.0.1
mozilla thunderbird 6.0.2
mozilla thunderbird 8.0
mozilla thunderbird 9.0
mozilla thunderbird esr 10.0.2
mozilla thunderbird esr 10.0
mozilla thunderbird esr 10.0.1
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.5
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.5
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.1
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4
mozilla seamonkey 2.6
mozilla seamonkey 1.1.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
mozilla seamonkey 2.3
mozilla seamonkey 2.3.1
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.6
mozilla seamonkey 2.2
mozilla seamonkey 1.0.1
mozilla seamonkey 1.0.4
mozilla seamonkey 1.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 2.7
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.13
mozilla seamonkey 1.0.5
mozilla seamonkey 1.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.2
mozilla seamonkey
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.15
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.1.8
mozilla seamonkey 2.0.9
mozilla seamonkey 2.3.3
mozilla seamonkey 2.3.2
mozilla seamonkey 2.6.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.3

Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An updated thunderbird package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact C ...

Synopsis Critical: firefox security and bug fix update Type/Severity Security Advisory: Critical Topic Updated firefox packages that fix multiple security issues and three bugsare now available for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalse ...

Several security issues were fixed in Firefox ...

USN-1400-3 introduced regressions in Thunderbird ...

Firefox’s ability to use system proxy settings regressed ...

This update provides compatible ubufox packages for the latest Firefox ...

Several security issues were fixed in Thunderbird ...

Mozilla Foundation Security Advisory 2012-18 windowfullScreen writeable by untrusted content Announced March 13, 2012 Reporter Matt Brubeck Impact Moderate Products Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird E ...

Get Started

CVE-2012-0460

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect