CVE Kennung:	CVE-2012-1966
Beschreibung:	Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.71511   1.3.6.1.4.1.25623.1.0.71490
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1966 BugTraq ID: 54577 http://www.securityfocus.com/bid/54577 Debian Security Information: DSA-2514 (Google Search) http://www.debian.org/security/2012/dsa-2514 http://osvdb.org/84009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17037 RedHat Security Advisories: RHSA-2012:1088 http://rhn.redhat.com/errata/RHSA-2012-1088.html http://www.securitytracker.com/id?1027256 http://secunia.com/advisories/49964 http://secunia.com/advisories/49965 http://secunia.com/advisories/49972 http://secunia.com/advisories/49979 http://secunia.com/advisories/49992 SuSE Security Announcement: SUSE-SU-2012:0895 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html SuSE Security Announcement: SUSE-SU-2012:0896 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html SuSE Security Announcement: openSUSE-SU-2012:0899 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html http://www.ubuntu.com/usn/USN-1509-1 http://www.ubuntu.com/usn/USN-1509-2