Search for vulnerabilities
Vulnerability details: VCID-ajza-8kgu-aaaq
Vulnerability ID VCID-ajza-8kgu-aaaq
Aliases CVE-2012-0450
Summary Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations.
Status Published
Exploitability 0.5
Weighted Severity 1.9
Risk 0.9
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
epss 0.00061 https://api.first.org/data/v1/epss?cve=CVE-2012-0450
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2012-0450
generic_textual none https://www.mozilla.org/en-US/security/advisories/mfsa2012-09
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html
http://osvdb.org/78741
https://api.first.org/data/v1/epss?cve=CVE-2012-0450
https://bugzilla.mozilla.org/show_bug.cgi?id=716868
https://exchange.xforce.ibmcloud.com/vulnerabilities/72869
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14670
http://www.mandriva.com/security/advisories?name=MDVSA-2012:013
http://www.mozilla.org/security/announce/2012/mfsa2012-09.html
CVE-2012-0450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0450
CVE-2012-0450 https://nvd.nist.gov/vuln/detail/CVE-2012-0450
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2012-09 https://www.mozilla.org/en-US/security/advisories/mfsa2012-09
USN-1355-1 https://usn.ubuntu.com/1355-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2012-0450
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.05128
EPSS Score 0.00042
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.