Lucene search

AppleCVE-2012-3689

HistoryJul 25, 2012 - 7:55 p.m.

CVE-2012-3689

2012-07-2519:55:06

CWE-20

apple

web.nvd.nist.gov

cve-2012-3689

webkit

apple safari

same origin policy

remote attackers

nvd

security vulnerability

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

46.1%

JSON

WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.

Affected configurations

Nvd

Node

applesafariRange≤5.1.7

applesafariMatch1.0

applesafariMatch1.0beta

applesafariMatch1.0beta2

applesafariMatch1.0.0

applesafariMatch1.0.0b1

applesafariMatch1.0.0b2

applesafariMatch1.0.1

applesafariMatch1.0.2

applesafariMatch1.0.3

applesafariMatch1.0.385.8

applesafariMatch1.0.385.8.1

applesafariMatch1.0b1-mac

applesafariMatch1.1

applesafariMatch1.1.0

applesafariMatch1.1.1

applesafariMatch1.2

applesafariMatch1.2.0

applesafariMatch1.2.1

applesafariMatch1.2.2

applesafariMatch1.2.3

applesafariMatch1.2.4

applesafariMatch1.2.5

applesafariMatch1.3

applesafariMatch1.3.0

applesafariMatch1.3.1

applesafariMatch1.3.2

applesafariMatch1.3.2312.5

applesafariMatch1.3.2312.6

applesafariMatch2

applesafariMatch2.0

applesafariMatch2.0.0

applesafariMatch2.0.1

applesafariMatch2.0.2

applesafariMatch2.0.3

applesafariMatch2.0.3417.8

applesafariMatch2.0.3417.9

applesafariMatch2.0.3417.9.2

applesafariMatch2.0.3417.9.3

applesafariMatch2.0.4

applesafariMatch2.0.4-mac

applesafariMatch3

applesafariMatch3.0

applesafariMatch3.0.0

applesafariMatch3.0.0-mac

applesafariMatch3.0.0b

applesafariMatch3.0.0b-windows

applesafariMatch3.0.1

applesafariMatch3.0.1-mac

applesafariMatch3.0.1beta

applesafariMatch3.0.1b

applesafariMatch3.0.1b-windows

applesafariMatch3.0.2

applesafariMatch3.0.2-mac

applesafariMatch3.0.2b

applesafariMatch3.0.2b-windows

applesafariMatch3.0.3

applesafariMatch3.0.3-mac

applesafariMatch3.0.3b

applesafariMatch3.0.3b-windows

applesafariMatch3.0.4

applesafariMatch3.0.4-mac

applesafariMatch3.0.4b

applesafariMatch3.0.4b-windows

applesafariMatch3.1.0

applesafariMatch3.1.0-mac

applesafariMatch3.1.0b

applesafariMatch3.1.0b-windows

applesafariMatch3.1.1

applesafariMatch3.1.1b-windows

applesafariMatch3.1.2

applesafariMatch3.1.2b-windows

applesafariMatch3.2.0

applesafariMatch3.2.0b-windows

applesafariMatch3.2.1

applesafariMatch3.2.1b-windows

applesafariMatch3.2.2

applesafariMatch3.2.2b-windows

applesafariMatch4.0

applesafariMatch4.0beta

applesafariMatch4.0.0b

applesafariMatch4.0.1

applesafariMatch4.0.2

applesafariMatch4.0.3

applesafariMatch4.0.4

applesafariMatch4.0.5

applesafariMatch4.1

applesafariMatch4.1.1

applesafariMatch4.1.2

applesafariMatch5.0

applesafariMatch5.0.1

applesafariMatch5.0.2

applesafariMatch5.0.4

applesafariMatch5.0.5

applesafariMatch5.0.6

applesafariMatch5.1

applesafariMatch5.1.1

applesafariMatch5.1.2

applesafariMatch5.1.3

applesafariMatch5.1.4

applesafariMatch5.1.5

applesafariMatch5.1.6

VendorProductVersionCPE
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*
applesafari1.0.0cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*
applesafari1.0.0b1cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*
applesafari1.0.0b2cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*
applesafari1.0.1cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*
applesafari1.0.2cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*
applesafari1.0.3cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	safari	*	cpe:2.3:a:apple:safari::::::::
apple	safari	1.0	cpe:2.3:a:apple:safari:1.0:::::::*
apple	safari	1.0	cpe:2.3:a:apple:safari:1.0:beta::::::
apple	safari	1.0	cpe:2.3:a:apple:safari:1.0:beta2::::::
apple	safari	1.0.0	cpe:2.3:a:apple:safari:1.0.0:::::::*
apple	safari	1.0.0b1	cpe:2.3:a:apple:safari:1.0.0b1:::::::*
apple	safari	1.0.0b2	cpe:2.3:a:apple:safari:1.0.0b2:::::::*
apple	safari	1.0.1	cpe:2.3:a:apple:safari:1.0.1:::::::*
apple	safari	1.0.2	cpe:2.3:a:apple:safari:1.0.2:::::::*
apple	safari	1.0.3	cpe:2.3:a:apple:safari:1.0.3:::::::*