Mozilla · Firefox · CVE-2012-0479
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions 4.x through 11.0
Firefox ESR versions 10.x before 10.0.4
Thunderbird versions 5.0 through 11.0
Thunderbird ESR versions 10.x before 10.0.4
SeaMonkey versions prior to 2.9
**Description**
The issue allows remote attackers to spoof the address bar via an https URL for invalid RSS or Atom XML content.
**Recommendations**
For Mozilla Firefox versions 4.x through 11.0, update to a version outside of this range to resolve the issue.
For Firefox ESR versions 10.x before 10.0.4, update to version 10.0.4 or later.
For Thunderbird versions 5.0 through 11.0, update to a version outside of this range.
For Thunderbird ESR versions 10.x before 10.0.4, update to version 10.0.4 or later.
For SeaMonkey versions prior to 2.9, update to version 2.9 or later.