CVE-2012-0960

Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
VendorProductVersion
ps_project_management_teamunity-firefox-extension
𝑥
≤ 2.4.0
ps_project_management_teamunity-firefox-extension
0.02
ps_project_management_teamunity-firefox-extension
0.2.1
ps_project_management_teamunity-firefox-extension
0.3
ps_project_management_teamunity-firefox-extension
0.3.1
ps_project_management_teamunity-firefox-extension
2.1
ps_project_management_teamunity-firefox-extension
2.2
ps_project_management_teamunity-firefox-extension
2.3
ps_project_management_teamunity-firefox-extension
2.3.1
ps_project_management_teamunity-firefox-extension
2.3.2
ps_project_management_teamunity-firefox-extension
2.3.3
ps_project_management_teamunity-firefox-extension
2.3.4
ps_project_management_teamunity-firefox-extension
2.3.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
unity-firefox-extension
quantal
Fixed 2.4.1-0ubuntu1.1
released
precise
dne
oneiric
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/56650
http://www.ubuntu.com/usn/USN-1639-1
https://bugs.launchpad.net/unity-firefox-extension/%2Bbug/1076350
https://exchange.xforce.ibmcloud.com/vulnerabilities/80319
http://www.securityfocus.com/bid/56650
http://www.ubuntu.com/usn/USN-1639-1
https://bugs.launchpad.net/unity-firefox-extension/%2Bbug/1076350
https://exchange.xforce.ibmcloud.com/vulnerabilities/80319