Lucene search

[email protected]CVE-2012-0676

HistoryMay 11, 2012 - 3:49 a.m.

CVE-2012-0676

2012-05-1103:49:59

CWE-20

[email protected]

web.nvd.nist.gov

cve-2012-0676

webkit

apple safari

form input

remote attackers

security vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.3%

JSON

WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing of form input, which allows remote attackers to fill in form fields on the pages of arbitrary web sites via unspecified vectors.

Affected configurations

NVD

Node

applesafariRange≤5.1.6

applesafariMatch1.0

applesafariMatch1.0beta

applesafariMatch1.0beta2

applesafariMatch1.0.0

applesafariMatch1.0.0b1

applesafariMatch1.0.0b2

applesafariMatch1.0.1

applesafariMatch1.0.2

applesafariMatch1.0.3

applesafariMatch1.0.385.8

applesafariMatch1.0.385.8.1

applesafariMatch1.0b1-mac

applesafariMatch1.1

applesafariMatch1.1.0

applesafariMatch1.1.1

applesafariMatch1.2

applesafariMatch1.2.0

applesafariMatch1.2.1

applesafariMatch1.2.2

applesafariMatch1.2.3

applesafariMatch1.2.4

applesafariMatch1.2.5

applesafariMatch1.3

applesafariMatch1.3.0

applesafariMatch1.3.1

applesafariMatch1.3.2

applesafariMatch1.3.2312.5

applesafariMatch1.3.2312.6

applesafariMatch2

applesafariMatch2.0

applesafariMatch2.0.0

applesafariMatch2.0.1

applesafariMatch2.0.2

applesafariMatch2.0.3

applesafariMatch2.0.3417.8

applesafariMatch2.0.3417.9

applesafariMatch2.0.3417.9.2

applesafariMatch2.0.3417.9.3

applesafariMatch2.0.4

applesafariMatch2.0.4-mac

applesafariMatch3

applesafariMatch3.0

applesafariMatch3.0.0

applesafariMatch3.0.0-mac

applesafariMatch3.0.0b

applesafariMatch3.0.0b-windows

applesafariMatch3.0.1

applesafariMatch3.0.1-mac

applesafariMatch3.0.1beta

applesafariMatch3.0.1b

applesafariMatch3.0.1b-windows

applesafariMatch3.0.2

applesafariMatch3.0.2-mac

applesafariMatch3.0.2b

applesafariMatch3.0.2b-windows

applesafariMatch3.0.3

applesafariMatch3.0.3-mac

applesafariMatch3.0.3b

applesafariMatch3.0.3b-windows

applesafariMatch3.0.4

applesafariMatch3.0.4-mac

applesafariMatch3.0.4b

applesafariMatch3.0.4b-windows

applesafariMatch3.1.0

applesafariMatch3.1.0-mac

applesafariMatch3.1.0b

applesafariMatch3.1.0b-windows

applesafariMatch3.1.1

applesafariMatch3.1.1b-windows

applesafariMatch3.1.2

applesafariMatch3.1.2b-windows

applesafariMatch3.2.0

applesafariMatch3.2.0b-windows

applesafariMatch3.2.1

applesafariMatch3.2.1b-windows

applesafariMatch3.2.2

applesafariMatch3.2.2b-windows

applesafariMatch4.0

applesafariMatch4.0beta

applesafariMatch4.0.0b

applesafariMatch4.0.1

applesafariMatch4.0.2

applesafariMatch4.0.3

applesafariMatch4.0.4

applesafariMatch4.0.5

applesafariMatch4.1

applesafariMatch4.1.1

applesafariMatch4.1.2

applesafariMatch5.0

applesafariMatch5.0.1

applesafariMatch5.0.2

applesafariMatch5.0.4

applesafariMatch5.0.5

applesafariMatch5.0.6

applesafariMatch5.1

applesafariMatch5.1.1

applesafariMatch5.1.2

applesafariMatch5.1.3

applesafariMatch5.1.4

applesafariMatch5.1.5

CPENameOperatorVersion
apple:safariapple safarile5.1.6
apple:safariapple safarieq1.0
apple:safariapple safarieq1.0.0
apple:safariapple safarieq1.0.0b1
apple:safariapple safarieq1.0.0b2
apple:safariapple safarieq1.0.1
apple:safariapple safarieq1.0.2
apple:safariapple safarieq1.0.3
apple:safariapple safarieq1.0b1
apple:safariapple safarieq1.1

CPE	Name	Operator	Version
apple:safari	apple safari	le	5.1.6
apple:safari	apple safari	eq	1.0
apple:safari	apple safari	eq	1.0.0
apple:safari	apple safari	eq	1.0.0b1
apple:safari	apple safari	eq	1.0.0b2
apple:safari	apple safari	eq	1.0.1
apple:safari	apple safari	eq	1.0.2
apple:safari	apple safari	eq	1.0.3
apple:safari	apple safari	eq	1.0b1
apple:safari	apple safari	eq	1.1

Rows per page:

1-10 of 761

References

lists.apple.com/archives/security-announce/2012/May/msg00002.html

osvdb.org/81787

secunia.com/advisories/47292

support.apple.com/kb/HT5282

www.securitytracker.com/id?1027053

exchange.xforce.ibmcloud.com/vulnerabilities/75474

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2012-0676

prion1 nvd1 cvelist1 nessus4 openvas4