Lucene search
HistoryJul 25, 2012 - 7:55 p.m.
CVE-2012-0680
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.007
Percentile
80.0%
Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote attackers to bypass authentication by leveraging an unattended workstation.
Affected configurations
Node
applesafariRange≤5.1.7
ORapplesafariMatch1.0
ORapplesafariMatch1.0beta
ORapplesafariMatch1.0beta2
ORapplesafariMatch1.0.0
ORapplesafariMatch1.0.0b1
ORapplesafariMatch1.0.0b2
ORapplesafariMatch1.0.1
ORapplesafariMatch1.0.2
ORapplesafariMatch1.0.3
ORapplesafariMatch1.0.385.8
ORapplesafariMatch1.0.385.8.1
ORapplesafariMatch1.0b1-mac
ORapplesafariMatch1.1
ORapplesafariMatch1.1.0
ORapplesafariMatch1.1.1
ORapplesafariMatch1.2
ORapplesafariMatch1.2.0
ORapplesafariMatch1.2.1
ORapplesafariMatch1.2.2
ORapplesafariMatch1.2.3
ORapplesafariMatch1.2.4
ORapplesafariMatch1.2.5
ORapplesafariMatch1.3
ORapplesafariMatch1.3.0
ORapplesafariMatch1.3.1
ORapplesafariMatch1.3.2
ORapplesafariMatch1.3.2312.5
ORapplesafariMatch1.3.2312.6
ORapplesafariMatch2
ORapplesafariMatch2.0
ORapplesafariMatch2.0.0
ORapplesafariMatch2.0.1
ORapplesafariMatch2.0.2
ORapplesafariMatch2.0.3
ORapplesafariMatch2.0.3417.8
ORapplesafariMatch2.0.3417.9
ORapplesafariMatch2.0.3417.9.2
ORapplesafariMatch2.0.3417.9.3
ORapplesafariMatch2.0.4
ORapplesafariMatch2.0.4-mac
ORapplesafariMatch3
ORapplesafariMatch3.0
ORapplesafariMatch3.0.0
ORapplesafariMatch3.0.0-mac
ORapplesafariMatch3.0.0b
ORapplesafariMatch3.0.0b-windows
ORapplesafariMatch3.0.1
ORapplesafariMatch3.0.1-mac
ORapplesafariMatch3.0.1beta
ORapplesafariMatch3.0.1b
ORapplesafariMatch3.0.1b-windows
ORapplesafariMatch3.0.2
ORapplesafariMatch3.0.2-mac
ORapplesafariMatch3.0.2b
ORapplesafariMatch3.0.2b-windows
ORapplesafariMatch3.0.3
ORapplesafariMatch3.0.3-mac
ORapplesafariMatch3.0.3b
ORapplesafariMatch3.0.3b-windows
ORapplesafariMatch3.0.4
ORapplesafariMatch3.0.4-mac
ORapplesafariMatch3.0.4b
ORapplesafariMatch3.0.4b-windows
ORapplesafariMatch3.1.0
ORapplesafariMatch3.1.0-mac
ORapplesafariMatch3.1.0b
ORapplesafariMatch3.1.0b-windows
ORapplesafariMatch3.1.1
ORapplesafariMatch3.1.1b-windows
ORapplesafariMatch3.1.2
ORapplesafariMatch3.1.2b-windows
ORapplesafariMatch3.2.0
ORapplesafariMatch3.2.0b-windows
ORapplesafariMatch3.2.1
ORapplesafariMatch3.2.1b-windows
ORapplesafariMatch3.2.2
ORapplesafariMatch3.2.2b-windows
ORapplesafariMatch4.0
ORapplesafariMatch4.0beta
ORapplesafariMatch4.0.0b
ORapplesafariMatch4.0.1
ORapplesafariMatch4.0.2
ORapplesafariMatch4.0.3
ORapplesafariMatch4.0.4
ORapplesafariMatch4.0.5
ORapplesafariMatch4.1
ORapplesafariMatch4.1.1
ORapplesafariMatch4.1.2
ORapplesafariMatch5.0
ORapplesafariMatch5.0.1
ORapplesafariMatch5.0.2
ORapplesafariMatch5.0.4
ORapplesafariMatch5.0.5
ORapplesafariMatch5.0.6
ORapplesafariMatch5.1
ORapplesafariMatch5.1.1
ORapplesafariMatch5.1.2
ORapplesafariMatch5.1.3
ORapplesafariMatch5.1.4
ORapplesafariMatch5.1.5
ORapplesafariMatch5.1.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | safari | * | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* |
| apple | safari | 1.0 | cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:* |
| apple | safari | 1.0 | cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:* |
| apple | safari | 1.0 | cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:* |
| apple | safari | 1.0.0 | cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:* |
| apple | safari | 1.0.0b1 | cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:* |
| apple | safari | 1.0.0b2 | cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:* |
| apple | safari | 1.0.1 | cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:* |
| apple | safari | 1.0.2 | cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:* |
| apple | safari | 1.0.3 | cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-0680
2012-07-25 19:00:00
cve
cve
CVE-2012-0680
2012-07-25 19:55:01
prion
prion
Authentication flaw
2012-07-25 19:55:00
seebug
seebug
Apple Safari < 6.0 安全限制绕过漏洞(CVE-2012-0680)
2012-07-27 00:00:00
securityvulns
securityvulns
Apple iOS multiple security vulnerabilities
2012-09-24 00:00:00
APPLE-SA-2012-09-19-1 iOS 6
2012-09-24 00:00:00
kaspersky
kaspersky
KLA10075 Multiple vulnerabilities in Apple Safari
2012-07-25 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities - Aug 2012 (Windows)
2012-08-01 00:00:00
Apple Safari Multiple Vulnerabilities (Aug 2012) - Windows
2012-08-01 00:00:00
Apple Safari Multiple Vulnerabilities - July 2012 (Mac OS X)
2012-07-30 00:00:00
nessus
nessus
Mac OS X : Apple Safari < 6.0 Multiple Vulnerabilities
2012-07-26 00:00:00
Safari < 6.0 Multiple Vulnerabilities
2012-07-26 00:00:00
Safari < 6.0 Multiple Vulnerabilities
2012-07-26 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.007
Percentile
80.0%
Related for NVD:CVE-2012-0680