Vulnerability Details : CVE-2012-0450
Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations.
Exploit prediction scoring system (EPSS) score for CVE-2012-0450
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-0450
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2012-0450
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-0450
-
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html
[security-announce] openSUSE-SU-2012:0234-1: important: MozillaFirefox:
-
https://bugzilla.mozilla.org/show_bug.cgi?id=716868
Access Denied
-
http://www.mandriva.com/security/advisories?name=MDVSA-2012:013
mandriva.com
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14670
Repository / Oval Repository
-
http://www.mozilla.org/security/announce/2012/mfsa2012-09.html
Firefox Recovery Key.html is saved with unsafe permission — MozillaVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/72869
Mozilla Firefox and SeaMonkey Recovery Key.html information disclosure CVE-2012-0450 Vulnerability Report
Products affected by CVE-2012-0450
- cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:*:beta5:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel