Vulnerability Details CVE-2012-0960
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/56650
- http://www.ubuntu.com/usn/USN-1639-1
- https://bugs.launchpad.net/unity-firefox-extension/%2Bbug/1076350
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80319
- http://www.securityfocus.com/bid/56650
- http://www.ubuntu.com/usn/USN-1639-1
- https://bugs.launchpad.net/unity-firefox-extension/%2Bbug/1076350
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80319
Products affected by CVE-2012-0960
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.02
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.2.1
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.3
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:0.3.1
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.1
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.2
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3.1
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3.2
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3.3
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3.4
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.3.5
-
cpe:2.3:a:ps_project_management_team:unity-firefox-extension:2.4.0