Lucene search
JpcertCVE-2012-2648HistoryAug 07, 2012 - 7:55 p.m.
CVE-2012-2648
2012-08-0719:55:02
CWE-79
jpcert
web.nvd.nist.gov
25
cve-2012-2648
cross-site scripting
xss
goodreader app
ios
ipad
iphone
ipod touch
web script
html
vulnerability
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
49.0%
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser.
Affected configurations
Node
goodiwaregoodreaderRange≤3.16-iphone_os
ORgoodiwaregoodreaderMatch1.1-iphone_os
ORgoodiwaregoodreaderMatch2.0-iphone_os
ORgoodiwaregoodreaderMatch2.1-iphone_os
ORgoodiwaregoodreaderMatch2.2-iphone_os
ORgoodiwaregoodreaderMatch2.3-iphone_os
ORgoodiwaregoodreaderMatch2.4-iphone_os
ORgoodiwaregoodreaderMatch2.5-iphone_os
ORgoodiwaregoodreaderMatch2.5.1-iphone_os
ORgoodiwaregoodreaderMatch2.6-iphone_os
ORgoodiwaregoodreaderMatch2.7-iphone_os
ORgoodiwaregoodreaderMatch2.7.4-iphone_os
ORgoodiwaregoodreaderMatch2.8-iphone_os
ORgoodiwaregoodreaderMatch2.8.4-iphone_os
ORgoodiwaregoodreaderMatch3.0.0-iphone_os
ORgoodiwaregoodreaderMatch3.0.1-iphone_os
ORgoodiwaregoodreaderMatch3.0.2-iphone_os
ORgoodiwaregoodreaderMatch3.0.3-iphone_os
ORgoodiwaregoodreaderMatch3.1.0-iphone_os
ORgoodiwaregoodreaderMatch3.1.2-iphone_os
ORgoodiwaregoodreaderMatch3.2.0-iphone_os
ORgoodiwaregoodreaderMatch3.3.0-iphone_os
ORgoodiwaregoodreaderMatch3.3.1-iphone_os
ORgoodiwaregoodreaderMatch3.4.0-iphone_os
ORgoodiwaregoodreaderMatch3.4.1-iphone_os
ORgoodiwaregoodreaderMatch3.5.0-iphone_os
ORgoodiwaregoodreaderMatch3.5.1-iphone_os
ORgoodiwaregoodreaderMatch3.6.0-iphone_os
ORgoodiwaregoodreaderMatch3.6.1-iphone_os
ORgoodiwaregoodreaderMatch3.7.0-iphone_os
ORgoodiwaregoodreaderMatch3.7.1-iphone_os
ORgoodiwaregoodreaderMatch3.8.0-iphone_os
ORgoodiwaregoodreaderMatch3.9.0-iphone_os
ORgoodiwaregoodreaderMatch3.10.0-iphone_os
ORgoodiwaregoodreaderMatch3.10.1-iphone_os
ORgoodiwaregoodreaderMatch3.10.2-iphone_os
ORgoodiwaregoodreaderMatch3.10.3-iphone_os
ORgoodiwaregoodreaderMatch3.11.0-iphone_os
ORgoodiwaregoodreaderMatch3.11.1-iphone_os
ORgoodiwaregoodreaderMatch3.12.0-iphone_os
ORgoodiwaregoodreaderMatch3.13.0-iphone_os
ORgoodiwaregoodreaderMatch3.13.1-iphone_os
ORgoodiwaregoodreaderMatch3.14.0-iphone_os
ORgoodiwaregoodreaderMatch3.14.2-iphone_os
ORgoodiwaregoodreaderMatch3.15.0-iphone_os
ORgoodiwaregoodreaderMatch3.15.1-iphone_os
appleipad
Node
goodiwaregoodreaderRange≤3.15.1-iphone_os
ORgoodiwaregoodreaderMatch1.1-iphone_os
ORgoodiwaregoodreaderMatch2.0-iphone_os
ORgoodiwaregoodreaderMatch2.1-iphone_os
ORgoodiwaregoodreaderMatch2.2-iphone_os
ORgoodiwaregoodreaderMatch2.3-iphone_os
ORgoodiwaregoodreaderMatch2.4-iphone_os
ORgoodiwaregoodreaderMatch2.5-iphone_os
ORgoodiwaregoodreaderMatch2.5.1-iphone_os
ORgoodiwaregoodreaderMatch2.6-iphone_os
ORgoodiwaregoodreaderMatch2.7-iphone_os
ORgoodiwaregoodreaderMatch2.8.2-iphone_os
ORgoodiwaregoodreaderMatch2.8.5-iphone_os
ORgoodiwaregoodreaderMatch3.0.0-iphone_os
ORgoodiwaregoodreaderMatch3.0.1-iphone_os
ORgoodiwaregoodreaderMatch3.0.2-iphone_os
ORgoodiwaregoodreaderMatch3.0.3-iphone_os
ORgoodiwaregoodreaderMatch3.2.1-iphone_os
ORgoodiwaregoodreaderMatch3.2.3-iphone_os
ORgoodiwaregoodreaderMatch3.3.0-iphone_os
ORgoodiwaregoodreaderMatch3.3.1-iphone_os
ORgoodiwaregoodreaderMatch3.4.0-iphone_os
ORgoodiwaregoodreaderMatch3.4.1-iphone_os
ORgoodiwaregoodreaderMatch3.5.0-iphone_os
ORgoodiwaregoodreaderMatch3.5.1-iphone_os
ORgoodiwaregoodreaderMatch3.6.0-iphone_os
ORgoodiwaregoodreaderMatch3.6.1-iphone_os
ORgoodiwaregoodreaderMatch3.7.0-iphone_os
ORgoodiwaregoodreaderMatch3.7.1-iphone_os
ORgoodiwaregoodreaderMatch3.8.1-iphone_os
ORgoodiwaregoodreaderMatch3.9.1-iphone_os
ORgoodiwaregoodreaderMatch3.10.0-iphone_os
ORgoodiwaregoodreaderMatch3.10.1-iphone_os
ORgoodiwaregoodreaderMatch3.10.2-iphone_os
ORgoodiwaregoodreaderMatch3.10.3-iphone_os
ORgoodiwaregoodreaderMatch3.11.0-iphone_os
ORgoodiwaregoodreaderMatch3.11.1-iphone_os
ORgoodiwaregoodreaderMatch3.12.1-iphone_os
ORgoodiwaregoodreaderMatch3.13.0-iphone_os
ORgoodiwaregoodreaderMatch3.13.1-iphone_os
ORgoodiwaregoodreaderMatch3.14.1-iphone_os
ORgoodiwaregoodreaderMatch3.15.0-iphone_os
appleipod_touch
ORappleiphone_os
| Vendor | Product | Version | CPE |
|---|---|---|---|
| goodiware | goodreader | * | cpe:2.3:a:goodiware:goodreader:*:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 1.1 | cpe:2.3:a:goodiware:goodreader:1.1:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.0 | cpe:2.3:a:goodiware:goodreader:2.0:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.1 | cpe:2.3:a:goodiware:goodreader:2.1:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.2 | cpe:2.3:a:goodiware:goodreader:2.2:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.3 | cpe:2.3:a:goodiware:goodreader:2.3:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.4 | cpe:2.3:a:goodiware:goodreader:2.4:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.5 | cpe:2.3:a:goodiware:goodreader:2.5:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.5.1 | cpe:2.3:a:goodiware:goodreader:2.5.1:-:*:*:*:iphone_os:*:* |
| goodiware | goodreader | 2.6 | cpe:2.3:a:goodiware:goodreader:2.6:-:*:*:*:iphone_os:*:* |
Related
nvd
nvd
CVE-2012-2648
2012-08-07 19:55:02
prion
prion
Cross site scripting
2012-08-07 19:55:00
cvelist
cvelist
CVE-2012-2648
2012-08-07 19:00:00
jvn
jvn
JVN#01598734: GoodReader vulnerable to cross-site scripting
2012-08-02 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
49.0%
Related for CVE-2012-2648