CVE-2012-5881
16.11.2012, 12:24
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.swf, a similar issue to CVE-2010-4207.
| Vendor | Product | Version |
|---|---|---|
| yahoo | yui | 2.4.0 |
| yahoo | yui | 2.4.1 |
| yahoo | yui | 2.5.0 |
| yahoo | yui | 2.5.1 |
| yahoo | yui | 2.5.2 |
| yahoo | yui | 2.6.0 |
| yahoo | yui | 2.7.0 |
| yahoo | yui | 2.8.0 |
| yahoo | yui | 2.8.1 |
| yahoo | yui | 2.8.1:pr1 |
| yahoo | yui | 2.8.2 |
| yahoo | yui | 2.9.0 |
| yahoo | yui | 2.9.0:pr2 |
| yahoo | yui | 2.9.0:pr4 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| maas |
| ||||||||||||||||||||||||||||||||||||
| yui |
|
References