CVE-2012-5837

Published: 21 November 2012

The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.

Priority

Medium

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 12.04 ESM (Precise Pangolin)
Released (17.0+build2-0ubuntu0.12.04.1)
seamonkey
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

thunderbird
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 12.04 ESM (Precise Pangolin) Not vulnerable

xulrunner-1.9.2
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

xulrunner-2.0
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist