CVE-2012-0450 — Mozilla Seamonkey vulnerability

CWE-2646 documents4 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 78.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Seamonkey Mozilla Firefox

Timeline

PublishedFeb 1

Latest updateMay 4

Description

Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶NVDmozilla/firefox11 versions+10

▶NVDmozilla/seamonkey2.7+57

🔴Vulnerability Details

GHSA

GHSA-h77w-4p5f-2cg9: Mozilla Firefox 4↗2022-05-04

▶

CVEList

CVE-2012-0450: Mozilla Firefox 4↗2012-02-01

▶

📋Vendor Advisories

Ubuntu

Mozvoikko update↗2012-02-03

▶

Ubuntu

ubufox and webfav update↗2012-02-03

▶

Ubuntu

Firefox vulnerabilities↗2012-02-03

▶