Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2012-3976 | First vendor Publication | 2012-08-29 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3976 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-200 | Information Exposure |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:16060 | |||
| Oval ID: | oval:org.mitre.oval:def:16060 | ||
| Title: | Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page. | ||
| Description: | Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-3976 | Version: | 18 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-12-13 | Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox) File : nvt/gb_suse_2012_1064_1.nasl |
| 2012-09-17 | Name : Ubuntu Update for firefox USN-1548-2 File : nvt/gb_ubuntu_USN_1548_2.nasl |
| 2012-09-06 | Name : Ubuntu Update for firefox USN-1548-1 File : nvt/gb_ubuntu_USN_1548_1.nasl |
| 2012-08-30 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox69.nasl |
| 2012-08-30 | Name : CentOS Update for firefox CESA-2012:1210 centos5 File : nvt/gb_CESA-2012_1210_firefox_centos5.nasl |
| 2012-08-30 | Name : CentOS Update for firefox CESA-2012:1210 centos6 File : nvt/gb_CESA-2012_1210_firefox_centos6.nasl |
| 2012-08-30 | Name : RedHat Update for firefox RHSA-2012:1210-01 File : nvt/gb_RHSA-2012_1210-01_firefox.nasl |
| 2012-08-30 | Name : Mandriva Update for firefox MDVSA-2012:145 (firefox) File : nvt/gb_mandriva_MDVSA_2012_145.nasl |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_firefox_20130129.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-538.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-534.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1210.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201208-120831.nasl - Type : ACT_GATHER_INFO |
| 2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
| 2012-09-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-201208-8269.nasl - Type : ACT_GATHER_INFO |
| 2012-09-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1548-2.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-145.nasl - Type : ACT_GATHER_INFO |
| 2012-08-31 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2b8cad90f28911e1a21514dae9ebcf89.nasl - Type : ACT_GATHER_INFO |
| 2012-08-30 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120829_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1548-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-30 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1210.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_212.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1210.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_150.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1007.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_15_0.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_7.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:00:21 |
|
| 2024-11-28 12:31:12 |
|
| 2024-11-01 01:20:41 |
|
| 2024-10-22 09:28:30 |
|
| 2024-10-21 17:28:37 |
|
| 2024-08-02 12:20:52 |
|
| 2024-08-02 01:06:07 |
|
| 2024-02-10 01:18:40 |
|
| 2024-02-02 01:20:15 |
|
| 2024-02-01 12:05:58 |
|
| 2023-09-05 12:19:07 |
|
| 2023-09-05 01:05:51 |
|
| 2023-09-02 12:19:08 |
|
| 2023-09-02 01:05:56 |
|
| 2023-08-12 12:22:59 |
|
| 2023-08-12 01:05:57 |
|
| 2023-08-11 12:19:16 |
|
| 2023-08-11 01:06:07 |
|
| 2023-08-06 12:18:31 |
|
| 2023-08-06 01:05:58 |
|
| 2023-08-04 12:18:35 |
|
| 2023-08-04 01:06:00 |
|
| 2023-07-14 12:18:34 |
|
| 2023-07-14 01:05:55 |
|
| 2023-04-01 01:15:32 |
|
| 2023-03-29 01:20:33 |
|
| 2023-03-28 12:06:03 |
|
| 2022-10-11 12:16:35 |
|
| 2022-10-11 01:05:38 |
|
| 2022-04-26 01:13:41 |
|
| 2021-05-04 12:23:12 |
|
| 2021-04-22 01:27:43 |
|
| 2020-10-14 01:08:14 |
|
| 2020-10-03 01:08:17 |
|
| 2020-09-02 17:22:51 |
|
| 2020-05-29 01:07:36 |
|
| 2020-05-23 01:49:30 |
|
| 2020-05-23 00:34:26 |
|
| 2019-06-25 12:04:42 |
|
| 2019-02-01 12:02:42 |
|
| 2019-01-30 12:04:49 |
|
| 2018-06-29 12:01:14 |
|
| 2018-01-18 12:04:51 |
|
| 2017-11-22 12:04:49 |
|
| 2017-11-21 12:04:02 |
|
| 2017-09-19 09:25:28 |
|
| 2016-06-28 22:00:56 |
|
| 2016-04-26 22:10:03 |
|
| 2015-01-21 13:25:45 |
|
| 2014-06-14 13:33:23 |
|
| 2014-02-17 11:12:38 |
|
| 2013-11-04 21:23:32 |
|
| 2013-05-30 13:23:21 |
|
| 2013-05-10 22:44:25 |
|
| 2013-02-01 13:20:34 |
|
| 2013-01-30 13:22:26 |
|
