CVE

Id
59126  
CVE No.
CVE-2012-5883  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore.swf, a similar issue to CVE-2010-4209.  
Phase
Assigned (20121116)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
603573 59126 CVE-2012-5883 CONFIRM:http://www.bugzilla.org/security/3.6.11/  View
603574 59126 CVE-2012-5883 CONFIRM:http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/  View
603575 59126 CVE-2012-5883 CONFIRM:http://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/  View
603576 59126 CVE-2012-5883 CONFIRM:http://yuilibrary.com/support/20121030-vulnerability/  View
603577 59126 CVE-2012-5883 CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=808845  View
603578 59126 CVE-2012-5883 MANDRIVA:MDVSA-2013:066  View
603579 59126 CVE-2012-5883 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:066  View
603580 59126 CVE-2012-5883 XF:bugzilla-flash-xss(80116)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
29676 JVNDB-2012-005383 TYPO3 用 Basic SEO Features エクステンションにおけるクロスサイトスクリプティングの脆弱性 TYPO3 用 Basic SEO Features (seo_basics) エクステンションには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-5888 59126 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005383.html  View