Lucene search
CanonicalCVE-2012-0960HistoryNov 24, 2012 - 8:55 p.m.
CVE-2012-0960
2012-11-2420:55:01
CWE-20
canonical
web.nvd.nist.gov
29
cve-2012-0960
unity integration
firefox
dos
code execution
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.06
Percentile
93.5%
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.
Affected configurations
Node
ps_project_management_teamunity-firefox-extensionRange≤2.4.0-firefox
ORps_project_management_teamunity-firefox-extensionMatch0.02-firefox
ORps_project_management_teamunity-firefox-extensionMatch0.2.1-firefox
ORps_project_management_teamunity-firefox-extensionMatch0.3-firefox
ORps_project_management_teamunity-firefox-extensionMatch0.3.1-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.1-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.2-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.3-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.3.1-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.3.2-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.3.3-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.3.4-firefox
ORps_project_management_teamunity-firefox-extensionMatch2.3.5-firefox
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ps_project_management_team | unity-firefox-extension | * | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:*:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 0.02 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.02:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 0.2.1 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.2.1:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 0.3 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.3:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 0.3.1 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.3.1:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 2.1 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.1:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 2.2 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.2:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 2.3 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 2.3.1 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3.1:-:*:*:*:firefox:*:* |
| ps_project_management_team | unity-firefox-extension | 2.3.2 | cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3.2:-:*:*:*:firefox:*:* |
Related
ubuntu
ubuntu
unity-firefox-extension vulnerability
2012-11-22 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1639-1)
2012-11-23 00:00:00
Ubuntu Update for unity-firefox-extension USN-1639-1
2012-11-23 00:00:00
ubuntucve
ubuntucve
CVE-2012-0960
2012-11-22 00:00:00
nvd
nvd
CVE-2012-0960
2012-11-24 20:55:01
cvelist
cvelist
CVE-2012-0960
2012-11-24 20:00:00
nessus
nessus
Ubuntu 12.10 : unity-firefox-extension vulnerability (USN-1639-1)
2012-11-23 00:00:00
prion
prion
Cross site request forgery (csrf)
2012-11-24 20:55:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.06
Percentile
93.5%
Related for CVE-2012-0960