Information Disclosure Vulnerability in DOMParser Component

Information Disclosure Vulnerability in DOMParser Component

CVE-2012-3975 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.