Published: 01/02/2012 Updated: 19/09/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Mozilla Firefox 4.x up to and including 9.0 and SeaMonkey prior to 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 4.0
mozilla firefox 4.0.1
mozilla firefox 7.0
mozilla firefox 5.0
mozilla firefox 6.0
mozilla firefox 8.0.1
mozilla firefox 9.0
mozilla firefox 5.0.1
mozilla firefox 8.0
mozilla firefox 6.0.1
mozilla firefox 6.0.2
mozilla seamonkey 2.6
mozilla seamonkey 2.5
mozilla seamonkey 2.3.1
mozilla seamonkey 2.3
mozilla seamonkey 2.1
mozilla seamonkey 2.0.14
mozilla seamonkey 2.0.6
mozilla seamonkey 2.0.5
mozilla seamonkey 2.0
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.7
mozilla seamonkey 1.1
mozilla seamonkey 1.0.4
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.2
mozilla seamonkey 2.7
mozilla seamonkey 2.4
mozilla seamonkey 2.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.0.10
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.1
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.8
mozilla seamonkey 1.0.7
mozilla seamonkey 1.0
mozilla seamonkey
mozilla seamonkey 2.4.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.13
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.9
mozilla seamonkey 1.0.1
mozilla seamonkey 2.6.1
mozilla seamonkey 2.3.3
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.18
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.5

Several security issues were fixed in Firefox ...

This update provides compatible ubufox and webfav packages for the latest Firefox ...

This update provides compatible Mozvoikko packages for the latest Firefox ...

Mozilla Foundation Security Advisory 2012-09 Firefox Recovery Keyhtml is saved with unsafe permission Announced January 31, 2012 Reporter magicant starmen Impact Moderate Products Firefox, SeaMonkey Fixed in ...

CWE-264 https://bugzilla.mozilla.org/show_bug.cgi?id=716868 http://www.mozilla.org/security/announce/2012/mfsa2012-09.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://osvdb.org/78741 https://exchange.xforce.ibmcloud.com/vulnerabilities/72869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14670 https://nvd.nist.gov https://usn.ubuntu.com/1355-1/

CVE-2012-0450

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect