Vulnerability Details : CVE-2012-2647
Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2012-2647
Probability of exploitation activity in the next 30 days: 0.23%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 61 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-2647
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
CWE ids for CVE-2012-2647
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2647
-
http://jvn.jp/en/jp/JVN51769987/index.html
JVN#51769987: Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration
-
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000072
JVNDB-2012-000072 - JVN iPedia - 脆弱性対策情報データベース