Lucene search
HistoryDec 26, 2012 - 10:55 p.m.
CVE-2012-0958
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.8%
content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage.
Affected configurations
Node
ps_project_management_teamunity-firefox-extensionMatch2.4.1-firefox
Related
cvelist
cvelist
CVE-2012-0958
2022-10-03 16:15:41
ubuntucve
ubuntucve
CVE-2012-0958
2012-11-06 00:00:00
nessus
nessus
Ubuntu 12.10 : unity-firefox-extension vulnerability (USN-1665-1)
2012-12-14 00:00:00
securityvulns
securityvulns
unity firefox extension crossorigin policy bypass
2012-12-17 00:00:00
[USN-1665-1] unity-firefox-extension vulnerability
2012-12-17 00:00:00
openvas
openvas
Ubuntu Update for unity-firefox-extension USN-1665-1
2012-12-14 00:00:00
Ubuntu: Security Advisory (USN-1665-1)
2012-12-14 00:00:00
ubuntu
ubuntu
unity-firefox-extension vulnerability
2012-12-13 00:00:00
prion
prion
Design/Logic Flaw
2012-12-26 22:55:00
cve
cve
CVE-2012-0958
2022-10-03 16:15:41
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.8%
Related for NVD:CVE-2012-0958