CVE Vulnerabilities

CVE-2012-0958

Published: Dec 26, 2012 | Modified: Jan 11, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage.

Affected Software

Name Vendor Start Version End Version
Unity-firefox-extension Ps_project_management_team 2.4.1 2.4.1

References