CVE-2012-2647: Infoleak
First published: Tue Jul 31 2012(Updated: )
Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yahoo Toolbar | <=1.0.0.5 | |
| Apple Mobile Safari | ||
| Google Chrome |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-2647?
CVE-2012-2647 is considered a high-severity vulnerability due to its ability to allow remote attackers to modify search URLs and intercept user search terms.
How do I fix CVE-2012-2647?
To fix CVE-2012-2647, update to the latest version of Yahoo! Toolbar that addresses this vulnerability.
Which software versions are affected by CVE-2012-2647?
CVE-2012-2647 affects Yahoo! Toolbar version 1.0.0.5 and earlier.
How can CVE-2012-2647 impact user privacy?
CVE-2012-2647 can significantly impact user privacy by allowing attackers to intercept and modify search queries.
Is my browser at risk from CVE-2012-2647?
No, CVE-2012-2647 specifically affects Yahoo! Toolbar and does not impact Google Chrome or Apple Safari versions.
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- agent/event
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/yahoo
- canonical/yahoo toolbar
- version/yahoo toolbar/1.0.0.5
- vendor/apple
- canonical/apple mobile safari
- vendor/google
- canonical/google chrome