Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2012-1945 | First vendor Publication | 2012-06-05 |
Vendor | Cve | Last vendor Modification | 2017-12-29 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:M/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.9 | Attack Range | Adjacent network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 5.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1945 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:16743 | |||
Oval ID: | oval:org.mitre.oval:def:16743 | ||
Title: | Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba. | ||
Description: | Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1945 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-12-13 | Name : SuSE Update for MozillaFirefox, openSUSE-SU-2012:0760-1 (MozillaFirefox,) File : nvt/gb_suse_2012_0760_1.nasl |
2012-08-10 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox68.nasl |
2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:088 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_088.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2012:0710 centos5 File : nvt/gb_CESA-2012_0710_firefox_centos5.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2012:0710 centos6 File : nvt/gb_CESA-2012_0710_firefox_centos6.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0715 centos5 File : nvt/gb_CESA-2012_0715_thunderbird_centos5.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0715 centos6 File : nvt/gb_CESA-2012_0715_thunderbird_centos6.nasl |
2012-06-28 | Name : Ubuntu Update for thunderbird USN-1463-6 File : nvt/gb_ubuntu_USN_1463_6.nasl |
2012-06-28 | Name : Ubuntu Update for unity-2d USN-1463-5 File : nvt/gb_ubuntu_USN_1463_5.nasl |
2012-06-25 | Name : Mandriva Update for mozilla MDVSA-2012:088-1 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_088_1.nasl |
2012-06-25 | Name : Ubuntu Update for thunderbird USN-1463-4 File : nvt/gb_ubuntu_USN_1463_4.nasl |
2012-06-22 | Name : Ubuntu Update for firefox USN-1463-3 File : nvt/gb_ubuntu_USN_1463_3.nasl |
2012-06-19 | Name : Mozilla Products Multiple Vulnerabilities - June12 (Mac OS X) File : nvt/gb_mozilla_prdts_mult_vuln_jun12_macosx.nasl |
2012-06-19 | Name : Mozilla Products Multiple Vulnerabilities - June12 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_jun12_win.nasl |
2012-06-19 | Name : Ubuntu Update for unity-2d USN-1463-2 File : nvt/gb_ubuntu_USN_1463_2.nasl |
2012-06-08 | Name : Ubuntu Update for firefox USN-1463-1 File : nvt/gb_ubuntu_USN_1463_1.nasl |
2012-06-08 | Name : RedHat Update for thunderbird RHSA-2012:0715-01 File : nvt/gb_RHSA-2012_0715-01_thunderbird.nasl |
2012-06-08 | Name : RedHat Update for firefox RHSA-2012:0710-01 File : nvt/gb_RHSA-2012_0710-01_firefox.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-333.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0710.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0715.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-120611.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120606_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120605_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-06-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-5.nasl - Type : ACT_GATHER_INFO |
2012-06-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-6.nasl - Type : ACT_GATHER_INFO |
2012-06-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-088.nasl - Type : ACT_GATHER_INFO |
2012-06-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-4.nasl - Type : ACT_GATHER_INFO |
2012-06-21 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-3.nasl - Type : ACT_GATHER_INFO |
2012-06-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-8189.nasl - Type : ACT_GATHER_INFO |
2012-06-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-2.nasl - Type : ACT_GATHER_INFO |
2012-06-08 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-0715.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0715.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0710.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-1.nasl - Type : ACT_GATHER_INFO |
2012-06-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0710.nasl - Type : ACT_GATHER_INFO |
2012-06-06 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_bfecf7c1af4711e195804061862b8c22.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:19:01 |
|
2024-02-01 12:05:37 |
|
2023-09-05 12:17:57 |
|
2023-09-05 01:05:30 |
|
2023-09-02 12:17:58 |
|
2023-09-02 01:05:35 |
|
2023-08-12 12:21:43 |
|
2023-08-12 01:05:37 |
|
2023-08-11 12:18:04 |
|
2023-08-11 01:05:46 |
|
2023-08-06 12:17:22 |
|
2023-08-06 01:05:37 |
|
2023-08-04 12:17:26 |
|
2023-08-04 01:05:39 |
|
2023-07-14 12:17:25 |
|
2023-07-14 01:05:34 |
|
2023-03-29 01:19:23 |
|
2023-03-28 12:05:42 |
|
2022-10-11 12:15:34 |
|
2022-10-11 01:05:18 |
|
2021-05-04 12:19:40 |
|
2021-04-22 01:23:22 |
|
2020-05-23 01:48:35 |
|
2020-05-23 00:33:25 |
|
2017-12-29 09:22:00 |
|
2017-11-21 12:03:49 |
|
2017-09-19 09:25:15 |
|
2016-06-28 19:06:22 |
|
2016-04-26 21:44:34 |
|
2014-06-14 13:32:44 |
|
2014-02-17 11:09:33 |
|
2013-11-04 21:22:44 |
|
2013-05-10 22:37:31 |
|