CVE-2012-0450

Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations.

Published: Feb 1, 2012
Updated: Nov 9, 2025
CVE: CVE-2012-0450
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
mozilla / firefox	4.0-beta9	4.0-beta9.x
mozilla / firefox	4.0-beta5	4.0-beta5.x
mozilla / firefox	4.0-beta8	4.0-beta8.x
mozilla / firefox	4.0-beta12	4.0-beta12.x
mozilla / firefox	4.0-beta3	4.0-beta3.x
mozilla / firefox	4.0-beta6	4.0-beta6.x
mozilla / firefox	4.0-beta1	4.0-beta1.x
mozilla / firefox	4.0-beta2	4.0-beta2.x
mozilla / firefox	4.0-beta4	4.0-beta4.x
mozilla / firefox	4.0-beta10	4.0-beta10.x
mozilla / firefox	4.0	4.0.x
mozilla / firefox	4.0-beta11	4.0-beta11.x
mozilla / firefox	4.0-beta7	4.0-beta7.x
mozilla / firefox	4.0.1	4.0.1.x
mozilla / firefox	5.0	5.0.x
mozilla / firefox	5.0.1	5.0.1.x
mozilla / firefox	6.0	6.0.x
mozilla / firefox	6.0.1	6.0.1.x
mozilla / firefox	6.0.2	6.0.2.x
mozilla / firefox	7.0	7.0.x
mozilla / firefox	8.0	8.0.x
mozilla / firefox	8.0.1	8.0.1.x
mozilla / firefox	9.0	9.0.x
mozilla / seamonkey	-	2.7.x
mozilla / seamonkey	1.0-alpha	1.0-alpha.x
mozilla / seamonkey	1.0-beta	1.0-beta.x
mozilla / seamonkey	1.0.1	1.0.1.x
mozilla / seamonkey	1.0.2	1.0.2.x
mozilla / seamonkey	1.0.3	1.0.3.x
mozilla / seamonkey	1.0.4	1.0.4.x
mozilla / seamonkey	1.0.5	1.0.5.x
mozilla / seamonkey	1.0.6	1.0.6.x
mozilla / seamonkey	1.0.7	1.0.7.x
mozilla / seamonkey	1.0.8	1.0.8.x
mozilla / seamonkey	1.0.9	1.0.9.x
mozilla / seamonkey	1.1-alpha	1.1-alpha.x
mozilla / seamonkey	1.1	1.1.x
mozilla / seamonkey	1.1-beta	1.1-beta.x
mozilla / seamonkey	1.1.1	1.1.1.x
mozilla / seamonkey	1.1.2	1.1.2.x
mozilla / seamonkey	1.1.3	1.1.3.x
mozilla / seamonkey	1.1.4	1.1.4.x
mozilla / seamonkey	1.1.5	1.1.5.x
mozilla / seamonkey	1.1.6	1.1.6.x
mozilla / seamonkey	1.1.7	1.1.7.x
mozilla / seamonkey	1.1.8	1.1.8.x
mozilla / seamonkey	1.1.9	1.1.9.x
mozilla / seamonkey	1.1.10	1.1.10.x
mozilla / seamonkey	1.1.11	1.1.11.x
mozilla / seamonkey	1.1.12	1.1.12.x
mozilla / seamonkey	1.1.13	1.1.13.x
mozilla / seamonkey	1.1.14	1.1.14.x
mozilla / seamonkey	1.1.15	1.1.15.x
mozilla / seamonkey	1.1.16	1.1.16.x
mozilla / seamonkey	1.1.17	1.1.17.x
mozilla / seamonkey	1.1.18	1.1.18.x
mozilla / seamonkey	1.1.19	1.1.19.x
mozilla / seamonkey	2.0-beta_1	2.0-beta_1.x
mozilla / seamonkey	2.0-rc1	2.0-rc1.x
mozilla / seamonkey	2.0	2.0.x
mozilla / seamonkey	2.0-alpha_2	2.0-alpha_2.x
mozilla / seamonkey	2.0-rc2	2.0-rc2.x
mozilla / seamonkey	2.0-alpha_3	2.0-alpha_3.x
mozilla / seamonkey	2.0-beta_2	2.0-beta_2.x
mozilla / seamonkey	2.0-alpha_1	2.0-alpha_1.x
mozilla / seamonkey	2.0.1	2.0.1.x
mozilla / seamonkey	2.0.2	2.0.2.x
mozilla / seamonkey	2.0.3	2.0.3.x
mozilla / seamonkey	2.0.4	2.0.4.x
mozilla / seamonkey	2.0.5	2.0.5.x
mozilla / seamonkey	2.0.6	2.0.6.x
mozilla / seamonkey	2.0.7	2.0.7.x
mozilla / seamonkey	2.0.8	2.0.8.x
mozilla / seamonkey	2.0.9	2.0.9.x
mozilla / seamonkey	2.0.10	2.0.10.x
mozilla / seamonkey	2.0.11	2.0.11.x
mozilla / seamonkey	2.0.12	2.0.12.x
mozilla / seamonkey	2.0.13	2.0.13.x
mozilla / seamonkey	2.0.14	2.0.14.x
mozilla / seamonkey	2.1-beta2	2.1-beta2.x
mozilla / seamonkey	2.1-rc1	2.1-rc1.x
mozilla / seamonkey	2.1-alpha1	2.1-alpha1.x
mozilla / seamonkey	2.1	2.1.x
mozilla / seamonkey	2.1-alpha2	2.1-alpha2.x
mozilla / seamonkey	2.1-alpha3	2.1-alpha3.x
mozilla / seamonkey	2.1-beta3	2.1-beta3.x
mozilla / seamonkey	2.1-rc2	2.1-rc2.x
mozilla / seamonkey	2.1-beta1	2.1-beta1.x
mozilla / seamonkey	2.2-beta1	2.2-beta1.x
mozilla / seamonkey	2.2-beta3	2.2-beta3.x
mozilla / seamonkey	2.2-beta2	2.2-beta2.x
mozilla / seamonkey	2.2	2.2.x
mozilla / seamonkey	2.3-beta2	2.3-beta2.x
mozilla / seamonkey	2.3	2.3.x
mozilla / seamonkey	2.3-beta3	2.3-beta3.x
mozilla / seamonkey	2.3-beta1	2.3-beta1.x
mozilla / seamonkey	2.3.1	2.3.1.x
mozilla / seamonkey	2.3.2	2.3.2.x
mozilla / seamonkey	2.3.3	2.3.3.x
mozilla / seamonkey	2.4-beta3	2.4-beta3.x
mozilla / seamonkey	2.4-beta1	2.4-beta1.x
mozilla / seamonkey	2.4	2.4.x
mozilla / seamonkey	2.4-beta2	2.4-beta2.x
mozilla / seamonkey	2.4.1	2.4.1.x
mozilla / seamonkey	2.5-beta4	2.5-beta4.x
mozilla / seamonkey	2.5	2.5.x
mozilla / seamonkey	2.5-beta3	2.5-beta3.x
mozilla / seamonkey	2.5-beta2	2.5-beta2.x
mozilla / seamonkey	2.5-beta1	2.5-beta1.x
mozilla / seamonkey	2.6-beta1	2.6-beta1.x
mozilla / seamonkey	2.6-beta2	2.6-beta2.x
mozilla / seamonkey	2.6-beta4	2.6-beta4.x
mozilla / seamonkey	2.6-beta3	2.6-beta3.x
mozilla / seamonkey	2.6	2.6.x
mozilla / seamonkey	2.6.1	2.6.1.x
mozilla / seamonkey	2.7-beta4	2.7-beta4.x
mozilla / seamonkey	2.7-beta2	2.7-beta2.x
mozilla / seamonkey	2.7-beta3	2.7-beta3.x
mozilla / seamonkey	2.7-beta1	2.7-beta1.x

Vulnerability Database

300,830

CVE-2012-0450

Deep Security Visibility Without the Complexity