VulnerableCode Package Details - pkg:mozilla/Firefox@13.0.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1szy-64t4-2bab	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.	CVE-2012-1938
VCID-5y7y-3fnf-cueh	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.	CVE-2012-1945
VCID-8q4m-rkhj-5fhj	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.	CVE-2012-1964
VCID-bfd8-7p4k-abae	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.	CVE-2012-0441
VCID-cq4q-mh6g-aub7	Security researcher Adam Barth found that inline event handlers, such as onclick, were no longer blocked by Content Security Policy's (CSP) inline-script blocking feature. Web applications relying on this feature of CSP to protect against cross-site scripting (XSS) were not fully protected.	CVE-2012-1944
VCID-gjxf-vn2v-pkcp	Security researcher Robert Kugler discovered that in some instances the Mozilla Maintenance Service on Windows will be vulnerable to some previously fixed privilege escalation attacks that allowed for local privilege escalation. This was caused by the Mozilla Updater not updating Windows Registry entries for the Mozilla Maintenance Service, which fixed the earlier issues present if Firefox 12 had been installed. New installations of Firefox after version 12 are not affected by this issue. Local file system access is necessary in order for this issue to be exploitable and it cannot be triggered through web content.	CVE-2012-1942
VCID-s3m1-pnhd-n3ex	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.	CVE-2012-1947
VCID-v5y5-u355-mbdd	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.	CVE-2012-1946

Vulnerability

Summary

Aliases

VCID-1szy-64t4-2bab

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.

CVE-2012-1938

VCID-5y7y-3fnf-cueh

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.

CVE-2012-1945

VCID-8q4m-rkhj-5fhj

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.

CVE-2012-1964

VCID-bfd8-7p4k-abae

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.

CVE-2012-0441

VCID-cq4q-mh6g-aub7

Security researcher Adam Barth found that inline event handlers, such as onclick, were no longer blocked by Content Security Policy's (CSP) inline-script blocking feature. Web applications relying on this feature of CSP to protect against cross-site scripting (XSS) were not fully protected.

CVE-2012-1944

VCID-gjxf-vn2v-pkcp

Security researcher Robert Kugler discovered that in some instances the Mozilla Maintenance Service on Windows will be vulnerable to some previously fixed privilege escalation attacks that allowed for local privilege escalation. This was caused by the Mozilla Updater not updating Windows Registry entries for the Mozilla Maintenance Service, which fixed the earlier issues present if Firefox 12 had been installed. New installations of Firefox after version 12 are not affected by this issue. Local file system access is necessary in order for this issue to be exploitable and it cannot be triggered through web content.

CVE-2012-1942

VCID-s3m1-pnhd-n3ex

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.

CVE-2012-1947

VCID-v5y5-u355-mbdd

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.

CVE-2012-1946

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:17:59.848801+00:00	Mozilla Importer	Fixing	VCID-v5y5-u355-mbdd	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-38.md	38.0.0
2026-04-01T13:17:58.658939+00:00	Mozilla Importer	Fixing	VCID-1szy-64t4-2bab	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-34.md	38.0.0
2026-04-01T13:17:58.057839+00:00	Mozilla Importer	Fixing	VCID-8q4m-rkhj-5fhj	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-54.md	38.0.0
2026-04-01T13:17:57.266943+00:00	Mozilla Importer	Fixing	VCID-gjxf-vn2v-pkcp	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-35.md	38.0.0
2026-04-01T13:17:57.120503+00:00	Mozilla Importer	Fixing	VCID-cq4q-mh6g-aub7	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-36.md	38.0.0
2026-04-01T13:17:56.682795+00:00	Mozilla Importer	Fixing	VCID-s3m1-pnhd-n3ex	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-40.md	38.0.0
2026-04-01T13:17:54.726399+00:00	Mozilla Importer	Fixing	VCID-bfd8-7p4k-abae	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-39.md	38.0.0
2026-04-01T13:17:50.741170+00:00	Mozilla Importer	Fixing	VCID-5y7y-3fnf-cueh	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-37.md	38.0.0