[Japanese]
|
JVNDB-2012-000072
|
Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration
|
Yahoo! Toolbar (for Chrome, Safari) contains a vulnerability where the toolbar may be altered.
Yahoo! Toolbar (for Chrome, Safari) contains a vulnerability where the toolbar may be altered when visiting a specially crafted web page.
Keita Haga of keitahaga.com reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
|
CVSS V2 Severity: Base Metrics 4.3 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Medium
- Authentication: None
- Confidentiality Impact: None
- Integrity Impact: Partial
- Availability Impact: None
|
|
Yahoo Japan Corporation
- Installer of Yahoo! Toolbar for Chrome Ver.1.0.0.5 and earlier
- Installer of Yahoo! Toolbar for Safari Ver.1.0.0.5 and earlier
|
|
A remote attacker may alter the toolbar. As a result, keywords entered in the toolbar may be leaked to a third party.
|
[Update the software]
Update to the latest version according to the information provided by the developer.
|
Yahoo Japan Corporation
|
- No Mapping(CWE-Other) [IPA Evaluation]
|
- CVE-2012-2647
|
- JVN : JVN#51769987
- National Vulnerability Database (NVD) : CVE-2012-2647
|
- [2012/07/30]
Web page was published
[2012/08/02]
Title : Information was updated to reflect the versions affected more clearly
Overview : Information was updated to reflect the versions affected more clearly
Affected Products : Information was updated to reflect the versions affected more clearly
|