← Retour aux CVEs
CVE-2012-5354
N/ADescription
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.open method, and the Geolocation API, a different vulnerability than CVE-2012-3984.
Details CVE
Score CVSS v3.1N/A
Publie10/10/2012
Derniere modification4/11/2025
Sourcenvd
Observations honeypot0
Produits affectes
mozilla:firefoxmozilla:seamonkeymozilla:thunderbird
References
http://osvdb.org/86171(cve@mitre.org)
http://secunia.com/advisories/50856(cve@mitre.org)
http://secunia.com/advisories/50935(cve@mitre.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=726264(cve@mitre.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16972(cve@mitre.org)
http://osvdb.org/86171(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/50856(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/50935(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2012/mfsa2012-75.html(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=726264(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16972(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.