Unrated severityNVD Advisory· Published Oct 10, 2012· Updated Jun 16, 2026
CVE-2012-5354
CVE-2012-5354
Description
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.open method, and the Geolocation API, a different vulnerability than CVE-2012-3984.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <16.0
- (no CPE)range: <16.0
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <2.13
- (no CPE)range: <2.13
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <16.0
- (no CPE)range: <16.0
Patches
Vulnerability mechanics
References
6- www.mozilla.org/security/announce/2012/mfsa2012-75.htmlnvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16972nvdThird Party Advisory
- osvdb.org/86171nvdBroken Link
- secunia.com/advisories/50856nvdBroken Link
- secunia.com/advisories/50935nvdBroken Link
News mentions
0No linked articles in our index yet.