CVE-2012-0475

Published: Apr 25, 2012Modified: Apr 29, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.

Affected (157)

Products: Mozilla: Firefox, Thunderbird, Seamonkey

3 products

Configuration A

29 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 10.0.1
Mozilla Firefox	Version 10.0.2
Mozilla Firefox	Version 10.0
Mozilla Firefox	Version 11.0
Mozilla Firefox	Version 4.0.1
Mozilla Firefox	Version 4.0
Mozilla Firefox	Version 4.0 beta10
Mozilla Firefox	Version 4.0 beta11
Mozilla Firefox	Version 4.0 beta12
Mozilla Firefox	Version 4.0 beta1
Mozilla Firefox	Version 4.0 beta2
Mozilla Firefox	Version 4.0 beta3
Mozilla Firefox	Version 4.0 beta4
Mozilla Firefox	Version 4.0 beta5
Mozilla Firefox	Version 4.0 beta6
Mozilla Firefox	Version 4.0 beta7
Mozilla Firefox	Version 4.0 beta8
Mozilla Firefox	Version 4.0 beta9
Mozilla Firefox	Version 5.0.1
Mozilla Firefox	Version 5.0
Mozilla Firefox	Version 6.0.1
Mozilla Firefox	Version 6.0.2
Mozilla Firefox	Version 6.0
Mozilla Firefox	Version 7.0.1
Mozilla Firefox	Version 7.0
Mozilla Firefox	Version 8.0.1
Mozilla Firefox	Version 8.0
Mozilla Firefox	Version 9.0.1
Mozilla Firefox	Version 9.0

Configuration B

15 vulnerable

Vulnerable Software	Affected Versions
Mozilla Thunderbird	Version 10.0.1
Mozilla Thunderbird	Version 10.0.2
Mozilla Thunderbird	Version 10.0.3
Mozilla Thunderbird	Version 10.0.4
Mozilla Thunderbird	Version 10.0
Mozilla Thunderbird	Version 11.0
Mozilla Thunderbird	Version 5.0
Mozilla Thunderbird	Version 6.0.1
Mozilla Thunderbird	Version 6.0.2
Mozilla Thunderbird	Version 6.0
Mozilla Thunderbird	Version 7.0.1
Mozilla Thunderbird	Version 7.0
Mozilla Thunderbird	Version 8.0
Mozilla Thunderbird	Version 9.0.1
Mozilla Thunderbird	Version 9.0

Configuration C

113 vulnerable

Vulnerable Software	Affected Versions
Mozilla Seamonkey	Up to 2.9
Mozilla Seamonkey	Version 1.0.1
Mozilla Seamonkey	Version 1.0.2
Mozilla Seamonkey	Version 1.0.3
Mozilla Seamonkey	Version 1.0.4
Mozilla Seamonkey	Version 1.0.5
Mozilla Seamonkey	Version 1.0.6
Mozilla Seamonkey	Version 1.0.7
Mozilla Seamonkey	Version 1.0.8
Mozilla Seamonkey	Version 1.0.9
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0 alpha
Mozilla Seamonkey	Version 1.0 beta
Mozilla Seamonkey	Version 1.1.10
Mozilla Seamonkey	Version 1.1.11
Mozilla Seamonkey	Version 1.1.12
Mozilla Seamonkey	Version 1.1.13
Mozilla Seamonkey	Version 1.1.14
Mozilla Seamonkey	Version 1.1.15
Mozilla Seamonkey	Version 1.1.16
Mozilla Seamonkey	Version 1.1.17
Mozilla Seamonkey	Version 1.1.18
Mozilla Seamonkey	Version 1.1.19
Mozilla Seamonkey	Version 1.1.1
Mozilla Seamonkey	Version 1.1.2
Mozilla Seamonkey	Version 1.1.3
Mozilla Seamonkey	Version 1.1.4
Mozilla Seamonkey	Version 1.1.5
Mozilla Seamonkey	Version 1.1.6
Mozilla Seamonkey	Version 1.1.7
Mozilla Seamonkey	Version 1.1.8
Mozilla Seamonkey	Version 1.1.9
Mozilla Seamonkey	Version 1.1
Mozilla Seamonkey	Version 1.1 alpha
Mozilla Seamonkey	Version 1.1 beta
Mozilla Seamonkey	Version 1.5.0.10
Mozilla Seamonkey	Version 1.5.0.8
Mozilla Seamonkey	Version 1.5.0.9
Mozilla Seamonkey	Version 2.0.10
Mozilla Seamonkey	Version 2.0.11
Mozilla Seamonkey	Version 2.0.12
Mozilla Seamonkey	Version 2.0.13
Mozilla Seamonkey	Version 2.0.14
Mozilla Seamonkey	Version 2.0.1
Mozilla Seamonkey	Version 2.0.2
Mozilla Seamonkey	Version 2.0.3
Mozilla Seamonkey	Version 2.0.4
Mozilla Seamonkey	Version 2.0.5
Mozilla Seamonkey	Version 2.0.6
Mozilla Seamonkey	Version 2.0.7
Mozilla Seamonkey	Version 2.0.8
Mozilla Seamonkey	Version 2.0.9
Mozilla Seamonkey	Version 2.0
Mozilla Seamonkey	Version 2.0 alpha_1
Mozilla Seamonkey	Version 2.0 alpha_2
Mozilla Seamonkey	Version 2.0 alpha_3
Mozilla Seamonkey	Version 2.0 beta_1
Mozilla Seamonkey	Version 2.0 beta_2
Mozilla Seamonkey	Version 2.0 rc1
Mozilla Seamonkey	Version 2.0 rc2
Mozilla Seamonkey	Version 2.1
Mozilla Seamonkey	Version 2.1 alpha1
Mozilla Seamonkey	Version 2.1 alpha2
Mozilla Seamonkey	Version 2.1 alpha3
Mozilla Seamonkey	Version 2.1 beta1
Mozilla Seamonkey	Version 2.1 beta2
Mozilla Seamonkey	Version 2.1 beta3
Mozilla Seamonkey	Version 2.1 rc1
Mozilla Seamonkey	Version 2.1 rc2
Mozilla Seamonkey	Version 2.2
Mozilla Seamonkey	Version 2.2 beta1
Mozilla Seamonkey	Version 2.2 beta2
Mozilla Seamonkey	Version 2.2 beta3
Mozilla Seamonkey	Version 2.3.1
Mozilla Seamonkey	Version 2.3.2
Mozilla Seamonkey	Version 2.3.3
Mozilla Seamonkey	Version 2.3
Mozilla Seamonkey	Version 2.3 beta1
Mozilla Seamonkey	Version 2.3 beta2
Mozilla Seamonkey	Version 2.3 beta3
Mozilla Seamonkey	Version 2.4.1
Mozilla Seamonkey	Version 2.4
Mozilla Seamonkey	Version 2.4 beta1
Mozilla Seamonkey	Version 2.4 beta2
Mozilla Seamonkey	Version 2.4 beta3
Mozilla Seamonkey	Version 2.5
Mozilla Seamonkey	Version 2.5 beta1
Mozilla Seamonkey	Version 2.5 beta2
Mozilla Seamonkey	Version 2.5 beta3
Mozilla Seamonkey	Version 2.5 beta4
Mozilla Seamonkey	Version 2.6.1
Mozilla Seamonkey	Version 2.6
Mozilla Seamonkey	Version 2.6 beta1
Mozilla Seamonkey	Version 2.6 beta2
Mozilla Seamonkey	Version 2.6 beta3
Mozilla Seamonkey	Version 2.6 beta4
Mozilla Seamonkey	Version 2.7.1
Mozilla Seamonkey	Version 2.7.2
Mozilla Seamonkey	Version 2.7
Mozilla Seamonkey	Version 2.7 beta1
Mozilla Seamonkey	Version 2.7 beta2
Mozilla Seamonkey	Version 2.7 beta3
Mozilla Seamonkey	Version 2.7 beta4
Mozilla Seamonkey	Version 2.7 beta5
Mozilla Seamonkey	Version 2.8
Mozilla Seamonkey	Version 2.8 beta1
Mozilla Seamonkey	Version 2.8 beta2
Mozilla Seamonkey	Version 2.8 beta3
Mozilla Seamonkey	Version 2.8 beta4
Mozilla Seamonkey	Version 2.8 beta5
Mozilla Seamonkey	Version 2.8 beta6
Mozilla Seamonkey	Version 2.9 beta1
Mozilla Seamonkey	Version 2.9 beta2