SecuritySpace - CVE-2012-5354

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2012-5354

Description: Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.open method, and the Geolocation API, a different vulnerability than CVE-2012-3984.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2012-5354
http://osvdb.org/86171
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16972
http://secunia.com/advisories/50856
http://secunia.com/advisories/50935

CVE ID:	CVE-2012-5354
Description:	Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.open method, and the Geolocation API, a different vulnerability than CVE-2012-3984.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5354 http://osvdb.org/86171 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16972 http://secunia.com/advisories/50856 http://secunia.com/advisories/50935