Oval Definition:	oval:com.ubuntu.precise:def:20120455000
Revision Date: 2012-03-14 Version: 1 Title: CVE-2012-0455 on Ubuntu 12.04 LTS (precise) - low. Description: Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue. Family: unix Class: vulnerability Status: Reference(s): CVE-2012-0455 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'firefox' package in precise is not affected. OR NOT While related to the CVE in some way, the 'thunderbird' package in precise is not affected.
BACK