CVE - CVE-2012-3984

CVE-ID
CVE-2012-3984	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://www.mozilla.org/security/announce/2012/mfsa2012-75.html CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=575294 OVAL:oval:org.mitre.oval:def:16184 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16184 SECUNIA:50856 URL:http://secunia.com/advisories/50856 SECUNIA:50892 URL:http://secunia.com/advisories/50892 SECUNIA:50904 URL:http://secunia.com/advisories/50904 SECUNIA:50935 URL:http://secunia.com/advisories/50935 SECUNIA:50984 URL:http://secunia.com/advisories/50984 SUSE:SUSE-SU-2012:1351 URL:http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html UBUNTU:USN-1611-1 URL:http://www.ubuntu.com/usn/USN-1611-1
Assigning CNA
MITRE Corporation
Date Record Created
20120711	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20120711)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)