CVE-2012-0960

Published: 22 November 2012

Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.

Priority

Medium

Status

Package Release Status
unity-firefox-extension
Launchpad, Ubuntu, Debian
Upstream Needs triage