Redhat : Security Vulnerabilities, CVEs, Published In August 2012 (Information Leak)
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.
Max CVSS
4.3
EPSS Score
0.21%
Published
2012-08-29
Updated
2020-08-26
The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.
Max CVSS
5.0
EPSS Score
0.24%
Published
2012-08-29
Updated
2020-09-09
2 vulnerabilities found