PT-2012-5246 · Mozilla+1 · Firefox+1

Kakzz.Ng

Published

2012-11-20

Updated

2024-12-12

CVE-2012-4203

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 17.0

Description The issue concerns the New Tab page in Mozilla Firefox, where JavaScript code executed by bookmarklets uses a privileged context. This allows remote attackers to run arbitrary programs if they can trick a user into using a javascript: URL in a bookmark.

Recommendations For versions prior to 17.0, update to version 17.0 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-4203

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:14572-1

Affected Products

Firefox

Suse

PT-2012-5246 · Mozilla+1 · Firefox+1

CVE-2012-4203

Weakness Enumeration

Related Identifiers

Affected Products

References · 2074