CVE-2012-0475

Public Date:: 2012-04-24

Bugzilla:: 815187: CVE-2011-1187 CVE-2012-0475 Multiple flaws in Firefox 12 which do not affect firefox 10.0.4 ESR

The MITRE CVE dictionary describes this issue as:

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.

Find out more about CVE-2012-0475 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not Vulnerable. These issues do not affect the versions of firefox and thunderbird package, as shipped with Red Hat Enterprise Linux 5 and 6.

Last Modified 2018-04-27T14:54:38+00:00

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

CVE-2012-0475

Statement