Ubuntu Linux 2.4.1-0ubuntu unity-firefox-extension unity-global-property-initializer.js input validation
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.7 | $0-$5k | 0.00 |
Summary
A vulnerability identified as critical has been detected in Ubuntu Linux 2.4.1-0ubuntu. Impacted is an unknown function of the file unity-global-property-initializer.js of the component unity-firefox-extension. Performing a manipulation results in input validation. This vulnerability was named CVE-2012-0960. In addition, an exploit is available. It is recommended to apply a patch to fix this issue.
Details
A vulnerability, which was classified as critical, was found in Ubuntu Linux 2.4.1-0ubuntu (Operating System). This affects some unknown functionality of the file unity-global-property-initializer.js of the component unity-firefox-extension. The manipulation with an unknown input leads to a input validation vulnerability. CWE is classifying the issue as CWE-20. The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.
The weakness was presented 11/22/2012 as 1076350 as confirmed changelog entry (Website). It is possible to read the advisory at launchpad.net. The public release was coordinated in cooperation with Ubuntu. This vulnerability is uniquely identified as CVE-2012-0960 since 02/01/2012. The exploitability is told to be difficult. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details and a public exploit are known.
After immediately, there has been an exploit disclosed. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 14 days. During that time the estimated underground price was around $25k-$100k. The vulnerability scanner Nessus provides a plugin with the ID 63027 (Ubuntu 12.10 : unity-firefox-extension vulnerability (USN-1639-1)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Ubuntu Local Security Checks.
Upgrading to version 2.4.1-0ubuntu3, 2.4.1-0ubuntu1.1 eliminates this vulnerability. The upgrade is hosted for download at launchpad.net. Applying a patch is able to eliminate this problem. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (80319), Tenable (63027), SecurityFocus (BID 56650†), OSVDB (87835†) and Vulnerability Center (SBV-37443†). See VDB-7109 for similar entry. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.ubuntu.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 10.0VulDB Meta Temp Score: 8.7
VulDB Base Score: 10.0
VulDB Temp Score: 8.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Input validationCWE: CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 63027
Nessus Name: Ubuntu 12.10 : unity-firefox-extension vulnerability (USN-1639-1)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Port: 🔍
OpenVAS ID: 841223
OpenVAS Name: Ubuntu Update for unity-firefox-extension USN-1639-1
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Exploit Delay Time: 🔍
Upgrade: Linux 2.4.1-0ubuntu3, 2.4.1-0ubuntu1.1
Timeline
02/01/2012 🔍11/08/2012 🔍
11/22/2012 🔍
11/22/2012 🔍
11/22/2012 🔍
11/22/2012 🔍
11/22/2012 🔍
11/23/2012 🔍
11/24/2012 🔍
11/24/2012 🔍
11/27/2012 🔍
11/28/2012 🔍
04/19/2021 🔍
Sources
Vendor: ubuntu.comAdvisory: 1076350
Status: Confirmed
Confirmation: 🔍
Coordinated: 🔍
CVE: CVE-2012-0960 (🔍)
GCVE (CVE): GCVE-0-2012-0960
GCVE (VulDB): GCVE-100-7023
OVAL: 🔍
X-Force: 80319 - Ubuntu unity-firefox-extension package callbacks denial of service, Medium Risk
SecurityFocus: 56650 - Ubuntu 'unity-firefox-extension' Package Denial of Service Vulnerability
OSVDB: 87835
Vulnerability Center: 37443 - Unity Integration Extension Remote DoS and Code Execution due to Improper Handling of Callbacks, High
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 11/27/2012 14:13Updated: 04/19/2021 15:29
Changes: 11/27/2012 14:13 (57), 04/22/2017 09:07 (34), 04/19/2021 15:29 (3)
Complete: 🔍
Committer:
Cache ID: 216:2B2:103
No comments yet. Languages: en.
Please log in to comment.