Bug 1166064 (CVE-2012-6662) - CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget
Summary: CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2012-6662
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1166825 1166826 1166086 1166087 1166088 1166089 1166090 1166091 1166092 1166093 1166094 1166095 1166096 1166097 1166098 1166099 1166100 1166101 1166102 1166103 1166104 1166105 1166106 1166107 1166109 1166111 1166112 1166113 1166114 1166115 1166116 1166117 1166229 1166241 1166242 1166758 1166759 1166760 1166761 1166762 1166764 1166765 1166766 1166767 1166768 1166769 1166771 1166772 1166773 1166775 1166776 1166777 1166779 1166780 1166781 1166782 1166784 1166785 1166786 1166787 1166788 1166789 1166790 1166791 1166792 1166793 1166794 1166795 1166796 1166797 1166798 1166799 1166800 1166801 1166802 1166803 1166804 1166805 1166806 1166807 1166809 1166810 1166812 1166813 1166814 1166815 1166816 1166817 1166818 1166819 1166820 1166822 1166823 1166824 1166827
Blocks: 1162456
Reported: 2014-11-20 11:06 UTC by Vasyl Kaigorodov
Modified: 2019-09-29 13:24 UTC (History)

Fixed In Version: jQuery UI 1.10.0
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-10-06 05:57:08 UTC




Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:0442 normal SHIPPED_LIVE Moderate: ipa security, bug fix, and enhancement update 2015-03-05 14:50:39 UTC
Red Hat Product Errata RHSA-2015:1462 normal SHIPPED_LIVE Moderate: ipa security and bug fix update 2015-07-21 14:14:52 UTC

Description Vasyl Kaigorodov 2014-11-20 11:06:08 UTC
The jQuery UI 1.10.0 release fixes an XSS issue [1] in the jQuery Tooltip widget.
From [1]:
...
WIDGETS
Tooltip
Fixed: XSS vulnerability in default content. (#8861, f285440)
...

The issue was initially reported in [2], and then actually fixed in [3] by commit [4].

[1]: http://jqueryui.com/changelog/1.10.0/
[2]: http://bugs.jqueryui.com/ticket/8859
[3]: http://bugs.jqueryui.com/ticket/8861
[4]: https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde

--
Note: the whiteboard lists quite a few packages that are known to have jQuery embedded.
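The following is an added illustration, not code from jQuery UI, Red Hat, or this bug report. It models the Tooltip widget's default `content` callback before and after the 1.10.0 fix and adds a version check for embedded copies; it assumes (from the upstream ticket, not from this report) that the default content is the element's title attribute and that the fix HTML-escapes it before the widget injects it with `.html()`. The version-string header format and the `sample` title are constructed.

```javascript
// Added example; not jQuery UI's or Red Hat's code. Models the Tooltip widget's
// default `content` callback before and after the 1.10.0 fix, plus a version
// check for embedded copies. Assumption (from the upstream ticket, not from this
// bug report): default content is the element's title attribute, and the fix
// HTML-escapes it before the widget injects it with .html().

function escapeHtml(text) {
  return String(text)
    .replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;").replace(/'/g, "&#39;");
}

// Pre-1.10.0: the title is returned verbatim and treated as HTML by the widget,
// so any markup a user-controlled title carries becomes live DOM.
function defaultContentVulnerable(element) {
  return element.title;
}

// 1.10.0 and later: the title is escaped, so markup renders as literal text.
function defaultContentFixed(element) {
  return escapeHtml(element.title);
}

// Stand-in for the DOM parse the widget performs: count the opening and closing
// tags that would be created from the returned string.
function countTags(html) {
  const tags = html.match(/<\/?[a-zA-Z][^>]*>/g);
  return tags ? tags.length : 0;
}

// Is a jQuery UI version string (as in the "jQuery UI - v1.9.2" file header,
// assumed format) below the fixed release 1.10.0? Compares numerically, not
// lexically, because as strings "1.9.2" sorts after "1.10.0".
function isAffectedVersion(version) {
  const parts = version.replace(/^v/, "").split(".").map(Number);
  const fixed = [1, 10, 0];
  for (let i = 0; i < 3; i++) {
    const a = parts[i] || 0;
    if (a !== fixed[i]) return a < fixed[i];
  }
  return false;
}

// Constructed sample title, e.g. from a profile field that users can edit.
const sample = { title: "Hello <b>world</b>" };
console.log(defaultContentVulnerable(sample)); // Hello <b>world</b>
console.log(defaultContentFixed(sample));      // Hello &lt;b&gt;world&lt;/b&gt;
```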

Comment 1 Dominic Cleal 2014-11-20 14:44:09 UTC
Regarding products that ship rubygem-jquery-ui-rails (or ruby193-) such as Satellite 6 or OpenStack, versions 4.0.0 or higher of jquery-ui-rails contain jquery-ui 1.10.0, so should not be vulnerable if newer than 4.0.0.

jquery-ui-rails is essentially a redistribution of jquery-ui and has a version scheme of its own: https://github.com/joliss/jquery-ui-rails/blob/master/VERSIONS.md

Comment 4 Mukundan Ragavan 2014-11-22 01:52:14 UTC
I don't think any of the packages I maintain are listed here ...

Comment 5 Tomas Hoger 2014-11-24 08:25:48 UTC
(In reply to Mukundan Ragavan from comment #4)
> I don't think any of the packages I maintain are listed here ...

You got CCed here because you own fityk, which was first listed as affected, and is now listed as unaffected.

Comment 7 errata-xmlrpc 2015-03-05 10:15:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:0442 https://rhn.redhat.com/errata/RHSA-2015-0442.html

Comment 8 errata-xmlrpc 2015-07-22 07:39:11 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2015:1462 https://rhn.redhat.com/errata/RHSA-2015-1462.html

