CVE-2012-3987

2012-10-1017:55:00

CWE-264

[email protected]

web.nvd.nist.gov

mozilla

firefox

cve-2012-3987

android

access restrictions

6.2 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

75.0%

JSON

Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle15.0.1
mozilla:firefoxmozilla firefoxeq0.1
mozilla:firefoxmozilla firefoxeq0.2
mozilla:firefoxmozilla firefoxeq0.3
mozilla:firefoxmozilla firefoxeq0.4
mozilla:firefoxmozilla firefoxeq0.5
mozilla:firefoxmozilla firefoxeq0.6
mozilla:firefoxmozilla firefoxeq0.6.1
mozilla:firefoxmozilla firefoxeq0.7
mozilla:firefoxmozilla firefoxeq0.7.1

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	15.0.1
mozilla:firefox	mozilla firefox	eq	0.1
mozilla:firefox	mozilla firefox	eq	0.2
mozilla:firefox	mozilla firefox	eq	0.3
mozilla:firefox	mozilla firefox	eq	0.4
mozilla:firefox	mozilla firefox	eq	0.5
mozilla:firefox	mozilla firefox	eq	0.6
mozilla:firefox	mozilla firefox	eq	0.6.1
mozilla:firefox	mozilla firefox	eq	0.7
mozilla:firefox	mozilla firefox	eq	0.7.1