製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数の Mozilla 製品における OpenID 認証情報と OAuth 2.0 アクセストークンを取得される脆弱性

タイトル	複数の Mozilla 製品における OpenID 認証情報と OAuth 2.0 アクセストークンを取得される脆弱性
概要	複数の Mozilla 製品の Content Security Policy (CSP) 機能は、違反レポートの blocked-uri パラメータに含まれる文字列を適切に制限しないため、OpenID 認証情報、および OAuth 2.0 アクセストークンを取得される脆弱性が存在します。
想定される影響	リモートの Web サーバにより、違反を誘発されることで、OpenID 認証情報、および OAuth 2.0 アクセストークンを取得される可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2012年7月17日0:00
登録日	2012年7月19日15:50
最終更新日	2012年12月14日18:28

CVSS2.0 : 警告
スコア	4.3
ベクター	AV:N/AC:M/Au:N/C:P/I:N/A:N

影響を受けるシステム

Mozilla Foundation

Mozilla Firefox 14 未満

Mozilla Firefox ESR 10.0.6 未満

Mozilla SeaMonkey 2.11 未満

Mozilla Thunderbird 14 未満

Mozilla Thunderbird ESR 10.0.6 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2012-1963	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1963
National Vulnerability Database (NVD)
2	CVE-2012-1963	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1963

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-264	https://jvndb.jvn.jp/ja/cwe/CWE-264.html

ベンダー情報

No	名前	URL
Mozilla Foundation Security Advisory
1	MFSA2012-53	http://www.mozilla.org/security/announce/2012/mfsa2012-53.html
Mozilla Foundation セキュリティアドバイザリ
2	MFSA2012-53	http://www.mozilla-japan.org/security/announce/2012/mfsa2012-53.html
opensuse-security-announce
3	openSUSE-SU-2012:0899	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
4	openSUSE-SU-2012:0917	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html
5	SUSE-SU-2012:0895	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
6	SUSE-SU-2012:0896	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
Red Hat Security Advisory
7	RHSA-2012:1088	http://rhn.redhat.com/errata/RHSA-2012-1088.html
SECURITY BLOG
8	Multiple vulnerabilities in Thunderbird	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird7

変更履歴

No	変更内容	変更日
0	[2012年07月19日] 掲載 [2012年10月22日] ベンダ情報：openSUSE (openSUSE-SU-2012:0899) を追加 [2012年11月29日] ベンダ情報：レッドハット (RHSA-2012:1088) を追加ベンダ情報：openSUSE (openSUSE-SU-2012:0917) を追加ベンダ情報：openSUSE (SUSE-SU-2012:0895) を追加ベンダ情報：openSUSE (SUSE-SU-2012:0896) を追加 [2012年12月14日] ベンダ情報：オラクル (Multiple vulnerabilities in Thunderbird) を追加	2018年2月17日10:37

NVD脆弱性情報

CVE-2012-1963

概要	The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.
公表日	2012年7月18日19:26
登録日	2021年1月28日14:56
最終更新日	2024年11月21日10:38

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:mozilla:firefox:4.0:beta6::::::
cpe:2.3:a:mozilla:firefox:4.0:beta1::::::
cpe:2.3:a:mozilla:firefox:8.0:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta9::::::
cpe:2.3:a:mozilla:firefox:4.0:beta5::::::
cpe:2.3:a:mozilla:firefox:4.0:beta8::::::
cpe:2.3:a:mozilla:firefox:4.0:beta12::::::
cpe:2.3:a:mozilla:firefox:4.0:beta3::::::
cpe:2.3:a:mozilla:firefox:5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:5.0:::::::*
cpe:2.3:a:mozilla:firefox:7.0:::::::*
cpe:2.3:a:mozilla:firefox:6.0.2:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta2::::::
cpe:2.3:a:mozilla:firefox:4.0:beta4::::::
cpe:2.3:a:mozilla:firefox:13.0:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta10::::::
cpe:2.3:a:mozilla:firefox:12.0:beta6::::::
cpe:2.3:a:mozilla:firefox:6.0.1:::::::*
cpe:2.3:a:mozilla:firefox:4.0:::::::*
cpe:2.3:a:mozilla:firefox:11.0:::::::*
cpe:2.3:a:mozilla:firefox:6.0:::::::*
cpe:2.3:a:mozilla:firefox:7.0.1:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta11::::::
cpe:2.3:a:mozilla:firefox:12.0:::::::*
cpe:2.3:a:mozilla:firefox:8.0.1:::::::*
cpe:2.3:a:mozilla:firefox:9.0.1:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta7::::::
cpe:2.3:a:mozilla:firefox:9.0:::::::*
cpe:2.3:a:mozilla:firefox:4.0.1:::::::*

構成2	以上	以下	より上	未満
cpe:2.3:a:mozilla:firefox:10.0:::::::*
cpe:2.3:a:mozilla:firefox:10.0.5:::::::*
cpe:2.3:a:mozilla:firefox:10.0.2:::::::*
cpe:2.3:a:mozilla:firefox:10.0.1:::::::*
cpe:2.3:a:mozilla:firefox:10.0.4:::::::*
cpe:2.3:a:mozilla:firefox:10.0.3:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:a:mozilla:thunderbird:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:13.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:5.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:8.0:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:11.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:12.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0:::::::*

構成4	以上	以下	より上	未満
cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:::::::*

構成5	以上	以下	より上	未満
cpe:2.3:a:mozilla:seamonkey:2.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha2::::::
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.11:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.10
cpe:2.3:a:mozilla:seamonkey:2.1:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.14:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:rc2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha3::::::
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:mozilla:firefox:4.0:beta6::::::
cpe:2.3:a:mozilla:firefox:4.0:beta1::::::
cpe:2.3:a:mozilla:firefox:8.0:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta9::::::
cpe:2.3:a:mozilla:firefox:4.0:beta5::::::
cpe:2.3:a:mozilla:firefox:4.0:beta8::::::
cpe:2.3:a:mozilla:firefox:4.0:beta12::::::
cpe:2.3:a:mozilla:firefox:4.0:beta3::::::
cpe:2.3:a:mozilla:firefox:5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:5.0:::::::*
cpe:2.3:a:mozilla:firefox:7.0:::::::*
cpe:2.3:a:mozilla:firefox:6.0.2:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta2::::::
cpe:2.3:a:mozilla:firefox:4.0:beta4::::::
cpe:2.3:a:mozilla:firefox:13.0:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta10::::::
cpe:2.3:a:mozilla:firefox:12.0:beta6::::::
cpe:2.3:a:mozilla:firefox:6.0.1:::::::*
cpe:2.3:a:mozilla:firefox:4.0:::::::*
cpe:2.3:a:mozilla:firefox:11.0:::::::*
cpe:2.3:a:mozilla:firefox:6.0:::::::*
cpe:2.3:a:mozilla:firefox:7.0.1:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta11::::::
cpe:2.3:a:mozilla:firefox:12.0:::::::*
cpe:2.3:a:mozilla:firefox:8.0.1:::::::*
cpe:2.3:a:mozilla:firefox:9.0.1:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta7::::::
cpe:2.3:a:mozilla:firefox:9.0:::::::*
cpe:2.3:a:mozilla:firefox:4.0.1:::::::*

構成2	以上	以下	より上	未満
cpe:2.3:a:mozilla:firefox:10.0:::::::*
cpe:2.3:a:mozilla:firefox:10.0.5:::::::*
cpe:2.3:a:mozilla:firefox:10.0.2:::::::*
cpe:2.3:a:mozilla:firefox:10.0.1:::::::*
cpe:2.3:a:mozilla:firefox:10.0.4:::::::*
cpe:2.3:a:mozilla:firefox:10.0.3:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:a:mozilla:thunderbird:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:13.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:5.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:8.0:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:11.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:12.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0:::::::*

構成4	以上	以下	より上	未満
cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:::::::*

構成5	以上	以下	より上	未満
cpe:2.3:a:mozilla:seamonkey:2.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha2::::::
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.11:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.10
cpe:2.3:a:mozilla:seamonkey:2.1:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.14:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:rc2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha3::::::
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

No	URL	タグ
1	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
2	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
3	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
4	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
5	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
6	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
7	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html
8	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html
9	http://osvdb.org/84005
10	http://osvdb.org/84005
11	http://rhn.redhat.com/errata/RHSA-2012-1088.html
12	http://rhn.redhat.com/errata/RHSA-2012-1088.html
13	http://secunia.com/advisories/49965
14	http://secunia.com/advisories/49965
15	http://secunia.com/advisories/49968
16	http://secunia.com/advisories/49968
17	http://secunia.com/advisories/49972
18	http://secunia.com/advisories/49972
19	http://secunia.com/advisories/49977
20	http://secunia.com/advisories/49977
21	http://secunia.com/advisories/49979
22	http://secunia.com/advisories/49979
23	http://secunia.com/advisories/49992
24	http://secunia.com/advisories/49992
25	http://secunia.com/advisories/49993
26	http://secunia.com/advisories/49993
27	http://secunia.com/advisories/49994
28	http://secunia.com/advisories/49994
29	http://www.mozilla.org/security/announce/2012/mfsa2012-53.html	Vendor Advisory
30	http://www.mozilla.org/security/announce/2012/mfsa2012-53.html	Vendor Advisory
31	http://www.securityfocus.com/bid/54582
32	http://www.securityfocus.com/bid/54582
33	http://www.securitytracker.com/id?1027256
34	http://www.securitytracker.com/id?1027256
35	http://www.securitytracker.com/id?1027257
36	http://www.securitytracker.com/id?1027257
37	http://www.securitytracker.com/id?1027258
38	http://www.securitytracker.com/id?1027258
39	http://www.ubuntu.com/usn/USN-1509-1
40	http://www.ubuntu.com/usn/USN-1509-1