CVE-2012-0445

Published: 01 February 2012

Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.

Priority

Low

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream Needs triage

seamonkey
Launchpad, Ubuntu, Debian
Upstream Needs triage

thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

xulrunner-1.9.2
Launchpad, Ubuntu, Debian
Upstream Needs triage

xulrunner-2.0
Launchpad, Ubuntu, Debian
Upstream Needs triage