VULNERABILITIES / FIXES - April 25, 2012
by Carol~ - 4/25/12 5:17 PM
Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities
Release Date : 2012-04-25
Criticality level : Highly critical
Impact : Security Bypass
Cross Site Scripting
Exposure of system information
Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch
Software: Mozilla Firefox 10.x
Mozilla SeaMonkey 2.x
Mozilla Thunderbird 10.x
Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, bypass certain security restrictions, and compromise a user's system.
NOTE: CVE-2012-0468, CVE-2012-0475, and CVE-2011-1187 do not affect Firefox and Thunderbird.
Update to Firefox version 10.0.4, Thunderbird version 10.0.4, or SeaMonkey version 2.9.