Lucene search

[email protected]NVD:CVE-2012-3987

HistoryOct 10, 2012 - 5:55 p.m.

CVE-2012-3987

2012-10-1017:55:01

CWE-264

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.3%

JSON

Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.

Affected configurations

NVD

Node

mozillafirefoxRange≤15.0.1

mozillafirefoxMatch0.1

mozillafirefoxMatch0.2

mozillafirefoxMatch0.3

mozillafirefoxMatch0.4

mozillafirefoxMatch0.5

mozillafirefoxMatch0.6

mozillafirefoxMatch0.6.1

mozillafirefoxMatch0.7

mozillafirefoxMatch0.7.1

mozillafirefoxMatch0.8

mozillafirefoxMatch0.9

mozillafirefoxMatch0.9rc

mozillafirefoxMatch0.9.1

mozillafirefoxMatch0.9.2

mozillafirefoxMatch0.9.3

mozillafirefoxMatch0.10

mozillafirefoxMatch0.10.1

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0preview_release

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillafirefoxMatch1.0.3

mozillafirefoxMatch1.0.4

mozillafirefoxMatch1.0.5

mozillafirefoxMatch1.0.6

mozillafirefoxMatch1.0.7

mozillafirefoxMatch1.0.8

mozillafirefoxMatch1.4.1

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5beta1

mozillafirefoxMatch1.5beta2

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillafirefoxMatch1.5.0.5

mozillafirefoxMatch1.5.0.6

mozillafirefoxMatch1.5.0.7

mozillafirefoxMatch1.5.0.8

mozillafirefoxMatch1.5.0.9

mozillafirefoxMatch1.5.0.10

mozillafirefoxMatch1.5.0.11

mozillafirefoxMatch1.5.0.12

mozillafirefoxMatch1.5.1

mozillafirefoxMatch1.5.2

mozillafirefoxMatch1.5.3

mozillafirefoxMatch1.5.4

mozillafirefoxMatch1.5.5

mozillafirefoxMatch1.5.6

mozillafirefoxMatch1.5.7

mozillafirefoxMatch1.5.8

mozillafirefoxMatch1.8

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0.0.1

mozillafirefoxMatch2.0.0.2

mozillafirefoxMatch2.0.0.3

mozillafirefoxMatch2.0.0.4

mozillafirefoxMatch2.0.0.5

mozillafirefoxMatch2.0.0.6

mozillafirefoxMatch2.0.0.7

mozillafirefoxMatch2.0.0.8

mozillafirefoxMatch2.0.0.9

mozillafirefoxMatch2.0.0.10

mozillafirefoxMatch2.0.0.11

mozillafirefoxMatch2.0.0.12

mozillafirefoxMatch2.0.0.13

mozillafirefoxMatch2.0.0.14

mozillafirefoxMatch2.0.0.15

mozillafirefoxMatch2.0.0.16

mozillafirefoxMatch2.0.0.17

mozillafirefoxMatch2.0.0.18

mozillafirefoxMatch2.0.0.19

mozillafirefoxMatch2.0.0.20

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillafirefoxMatch3.0.9

mozillafirefoxMatch3.0.10

mozillafirefoxMatch3.0.11

mozillafirefoxMatch3.0.12

mozillafirefoxMatch3.0.13

mozillafirefoxMatch3.0.14

mozillafirefoxMatch3.0.15

mozillafirefoxMatch3.0.16

mozillafirefoxMatch3.0.17

mozillafirefoxMatch3.5

mozillafirefoxMatch3.5.1

mozillafirefoxMatch3.5.2

mozillafirefoxMatch3.5.3

mozillafirefoxMatch3.5.4

mozillafirefoxMatch3.5.5

mozillafirefoxMatch3.5.6

mozillafirefoxMatch3.5.7

mozillafirefoxMatch3.5.8

mozillafirefoxMatch3.5.9

mozillafirefoxMatch3.5.10

mozillafirefoxMatch3.5.11

mozillafirefoxMatch3.5.12

mozillafirefoxMatch3.5.13

mozillafirefoxMatch3.5.14

mozillafirefoxMatch3.5.15

mozillafirefoxMatch3.6

mozillafirefoxMatch3.6.2

mozillafirefoxMatch3.6.3

mozillafirefoxMatch3.6.4

mozillafirefoxMatch3.6.6

mozillafirefoxMatch3.6.7

mozillafirefoxMatch3.6.8

mozillafirefoxMatch3.6.9

mozillafirefoxMatch3.6.10

mozillafirefoxMatch3.6.11

mozillafirefoxMatch3.6.12

mozillafirefoxMatch3.6.13

mozillafirefoxMatch3.6.14

mozillafirefoxMatch3.6.15

mozillafirefoxMatch3.6.16

mozillafirefoxMatch3.6.17

mozillafirefoxMatch3.6.18

mozillafirefoxMatch3.6.19

mozillafirefoxMatch3.6.20

mozillafirefoxMatch3.6.21

mozillafirefoxMatch3.6.22

mozillafirefoxMatch3.6.23

mozillafirefoxMatch3.6.24

mozillafirefoxMatch3.6.25

mozillafirefoxMatch4.0

mozillafirefoxMatch4.0beta1

mozillafirefoxMatch4.0beta10

mozillafirefoxMatch4.0beta11

mozillafirefoxMatch4.0beta12

mozillafirefoxMatch4.0beta2

mozillafirefoxMatch4.0beta3

mozillafirefoxMatch4.0beta4

mozillafirefoxMatch4.0beta5

mozillafirefoxMatch4.0beta6

mozillafirefoxMatch4.0beta7

mozillafirefoxMatch4.0beta8

mozillafirefoxMatch4.0beta9

mozillafirefoxMatch4.0.1

mozillafirefoxMatch5.0

mozillafirefoxMatch5.0.1

mozillafirefoxMatch6.0

mozillafirefoxMatch6.0.1

mozillafirefoxMatch6.0.2

mozillafirefoxMatch7.0

mozillafirefoxMatch7.0.1

mozillafirefoxMatch8.0

mozillafirefoxMatch8.0.1

mozillafirefoxMatch9.0

mozillafirefoxMatch9.0.1

mozillafirefoxMatch10.0

mozillafirefoxMatch10.0.1

mozillafirefoxMatch10.0.2

mozillafirefoxMatch11.0

mozillafirefoxMatch12.0

mozillafirefoxMatch12.0beta6

mozillafirefoxMatch13.0

mozillafirefoxMatch14.0

mozillafirefoxMatch15.0

AND

googleandroid

References

lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html

osvdb.org/86107

secunia.com/advisories/50856

www.mozilla.org/security/announce/2012/mfsa2012-78.html

bugzilla.mozilla.org/show_bug.cgi?id=778582

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for NVD:CVE-2012-3987

mozilla1 cve1 cvelist1 prion1 seebug1 nessus9 openvas3 suse1 freebsd1 securityvulns1