{
  "threat_severity" : "Moderate",
  "public_date" : "2012-04-24T00:00:00Z",
  "bugzilla" : {
    "description" : "Mozilla: Potential XSS via multibyte content processing errors (MFSA 2012-24)",
    "id" : "815021",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=815021"
  },
  "cvss" : {
    "cvss_base_score" : "4.3",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-79",
  "details" : [ "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set." ],
  "acknowledgement" : "Red Hat would like to thank Mozilla project for reporting this issue. Upstream acknowledges Anne van Kesteren (Opera Software) as the original reporter.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2012-04-24T00:00:00Z",
    "advisory" : "RHSA-2012:0515",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "firefox-0:10.0.4-1.el5_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2012-04-24T00:00:00Z",
    "advisory" : "RHSA-2012:0515",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "xulrunner-0:10.0.4-1.el5_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2012-04-24T00:00:00Z",
    "advisory" : "RHSA-2012:0516",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "thunderbird-0:10.0.4-1.el5_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-04-24T00:00:00Z",
    "advisory" : "RHSA-2012:0515",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "firefox-0:10.0.4-1.el6_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-04-24T00:00:00Z",
    "advisory" : "RHSA-2012:0515",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "xulrunner-0:10.0.4-1.el6_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-04-24T00:00:00Z",
    "advisory" : "RHSA-2012:0516",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "thunderbird-0:10.0.4-1.el6_2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2012-0471\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-0471" ],
  "name" : "CVE-2012-0471",
  "csaw" : false
}