Vulnerabilites related to GoodiWare - GoodReader
Vulnerability from fkie_nvd
Published
2012-08-07 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:goodiware:goodreader:*:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "A512E7A4-2719-406B-9FE3-7110780BBEB0",
"versionEndIncluding": "3.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:1.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "DEEEDF06-70AF-400F-A255-958C35AF8ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C8813AE8-3B09-42BE-8648-B53D5BCFD4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "9EABEBAE-BEFA-4DB3-B936-61A7334C898D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C5B4E5D5-9EC6-4F40-8B04-8759FD98D462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.3:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "0C790D9C-99F6-486A-B0AC-C0436233ADE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.4:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "124C64BB-38F7-4C48-8706-C4D57F72F8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.5:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "551A93FB-A48F-46C3-B38B-FF8C363CD7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.5.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "15FB54DD-EB27-46D3-9D67-12E459DD713F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.6:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "4B992995-072C-4903-8547-F46F1982BED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.7:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "13AE384F-454C-4D9C-A7D2-BAEA2D8C6BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.7.4:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C9632B28-AE0C-4FF6-9371-909F64D8420D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.8:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "454DD4A4-A01F-436A-B4DC-30067577B0AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.8.4:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "DC4E8D61-7F02-4087-BE7B-E42AFBA54A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "163936CF-4105-4C42-9512-891FD2C40586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "6D673B72-16E3-4E0F-8E3F-8391B6BBBB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "69D311FB-B051-47CE-8C10-67B0AE216286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.3:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "3650708A-50C5-4847-AB33-CCEB4F022D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.1.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "4B379E69-63F3-4A35-9659-201DF86DAEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.1.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "03687576-1800-44CE-9E4D-01C9CB39818F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.2.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "F9434C20-80E8-4E92-A676-89C2341EBDE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.3.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "12C0EB51-67EE-409D-AA43-83C4F669D868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.3.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C6C60768-3262-47C3-B256-8962B9228ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.4.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "80BD00A6-3CB5-44A3-BA99-D824ED99D443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.4.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "E0C26852-DB6E-4DE4-9151-DE699A2206D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.5.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "18955206-CE27-46E3-A775-F4A15A8BC18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.5.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C3F86EEE-46A7-49B4-A614-C534B4F457F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.6.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "5548BA93-0F98-425E-A972-3D2678776D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.6.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "85CA0D3E-3B6B-4E3F-83B4-AE94F5C2EC41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.7.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "9956CA7B-8072-4733-9274-3CE3A4CB0D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.7.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "738D2805-2FFD-4AA3-86AD-74B589C51715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.8.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "5B15C2E1-2526-40FC-B6BA-B665C670C282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.9.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "D7396079-42D6-487A-B211-433F7B58B126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "7306C1EA-57F2-460F-B40F-AD159E6A5213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "A2DA3563-62A2-415A-817D-5F961C19F831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C60A6036-2705-47D7-ADE0-5AAA1B93AB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.3:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "60454C61-12D7-47E5-9BEE-A974508D1DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.11.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "3326E57C-849A-454A-A4F4-FD6FAE2DA0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.11.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "E0D34BE5-A35C-46E4-8253-8B06A7F63671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.12.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "0A818D2B-24A9-413F-928F-70EA3537053D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.13.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "669266BB-59B5-4132-9353-25E530ADCA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.13.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "44E30566-25A0-4BB9-9BEC-5B9217C5E5BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.14.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "133FFC6E-C09F-496C-BE49-B4E9A98A15E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.14.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "6CF8D523-BBA7-4325-8552-06953C4EB31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.15.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "D14D3D50-AD2F-4939-9F13-5F3C4B6F85C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.15.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "B5F3668E-892F-4088-ADA1-748BA512CB2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:apple:ipad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAADE29A-712B-4AD5-A78B-6AD537BA9196",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:goodiware:goodreader:*:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "241FE526-BD85-4113-8F04-9951B1432E21",
"versionEndIncluding": "3.15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:1.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "DEEEDF06-70AF-400F-A255-958C35AF8ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C8813AE8-3B09-42BE-8648-B53D5BCFD4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "9EABEBAE-BEFA-4DB3-B936-61A7334C898D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C5B4E5D5-9EC6-4F40-8B04-8759FD98D462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.3:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "0C790D9C-99F6-486A-B0AC-C0436233ADE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.4:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "124C64BB-38F7-4C48-8706-C4D57F72F8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.5:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "551A93FB-A48F-46C3-B38B-FF8C363CD7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.5.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "15FB54DD-EB27-46D3-9D67-12E459DD713F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.6:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "4B992995-072C-4903-8547-F46F1982BED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.7:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "13AE384F-454C-4D9C-A7D2-BAEA2D8C6BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.8.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "DE9BE213-9877-4530-B472-F847492305A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:2.8.5:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "B408B081-9877-4C2D-B06C-E3E232A3410E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "163936CF-4105-4C42-9512-891FD2C40586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "6D673B72-16E3-4E0F-8E3F-8391B6BBBB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "69D311FB-B051-47CE-8C10-67B0AE216286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.0.3:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "3650708A-50C5-4847-AB33-CCEB4F022D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.2.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "67D71508-7D4D-49A2-B607-418D2A177D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.2.3:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "34519894-9652-459A-AC9D-BE5DEEC0A1FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.3.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "12C0EB51-67EE-409D-AA43-83C4F669D868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.3.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C6C60768-3262-47C3-B256-8962B9228ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.4.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "80BD00A6-3CB5-44A3-BA99-D824ED99D443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.4.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "E0C26852-DB6E-4DE4-9151-DE699A2206D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.5.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "18955206-CE27-46E3-A775-F4A15A8BC18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.5.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C3F86EEE-46A7-49B4-A614-C534B4F457F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.6.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "5548BA93-0F98-425E-A972-3D2678776D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.6.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "85CA0D3E-3B6B-4E3F-83B4-AE94F5C2EC41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.7.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "9956CA7B-8072-4733-9274-3CE3A4CB0D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.7.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "738D2805-2FFD-4AA3-86AD-74B589C51715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.8.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "95BCC311-CF0A-4826-A9BC-21275BD6DE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.9.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "1FD180CE-CF5F-483B-9ED9-0F04810662C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "7306C1EA-57F2-460F-B40F-AD159E6A5213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "A2DA3563-62A2-415A-817D-5F961C19F831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.2:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "C60A6036-2705-47D7-ADE0-5AAA1B93AB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.10.3:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "60454C61-12D7-47E5-9BEE-A974508D1DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.11.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "3326E57C-849A-454A-A4F4-FD6FAE2DA0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.11.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "E0D34BE5-A35C-46E4-8253-8B06A7F63671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.12.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "7C45C059-E559-4544-A908-985680ADB12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.13.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "669266BB-59B5-4132-9353-25E530ADCA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.13.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "44E30566-25A0-4BB9-9BEC-5B9217C5E5BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.14.1:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "B20858B8-E692-4BF2-AECE-0418170B2583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:goodiware:goodreader:3.15.0:-:*:*:*:iphone_os:*:*",
"matchCriteriaId": "D14D3D50-AD2F-4939-9F13-5F3C4B6F85C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88FA2602-DDAB-4E23-A3D2-FB712970AAD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340C4071-1447-477F-942A-8E09EA29F917",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser."
},
{
"lang": "es",
"value": "vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en la app GoodReader v3.16 y anteriores para iOS en iPad, y v3.15.1 y anteriores para IOS en iPhone e iPod touch, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores que implican el uso de la aplicaci\u00f3n junto a un navegador."
}
],
"id": "CVE-2012-2648",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-08-07T19:55:02.187",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN01598734/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN01598734/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-2648 (GCVE-0-2012-2648)
Vulnerability from cvelistv5
Published
2012-08-07 19:00
Modified
2024-09-16 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvn.jp/en/jp/JVN01598734/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073 | third-party-advisory, x_refsource_JVNDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:42:32.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#01598734",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01598734/index.html"
},
{
"name": "JVNDB-2012-000073",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-07T19:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#01598734",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN01598734/index.html"
},
{
"name": "JVNDB-2012-000073",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-2648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#01598734",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN01598734/index.html"
},
{
"name": "JVNDB-2012-000073",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-2648",
"datePublished": "2012-08-07T19:00:00Z",
"dateReserved": "2012-05-14T00:00:00Z",
"dateUpdated": "2024-09-16T16:34:04.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
jvndb-2012-000073
Vulnerability from jvndb
Published
2012-08-02 14:46
Modified
2012-08-02 14:46
Summary
GoodReader vulnerable to cross-site scripting
Details
GoodReader contains a cross-site scripting vulnerability.
GoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability.
Keigo Yamazaki of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| GoodiWare | GoodReader |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000073.html",
"dc:date": "2012-08-02T14:46+09:00",
"dcterms:issued": "2012-08-02T14:46+09:00",
"dcterms:modified": "2012-08-02T14:46+09:00",
"description": "GoodReader contains a cross-site scripting vulnerability.\r\n\r\nGoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability.\r\n\r\nKeigo Yamazaki of LAC Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000073.html",
"sec:cpe": {
"#text": "cpe:/a:goodiware:goodreader",
"@product": "GoodReader",
"@vendor": "GoodiWare",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2012-000073",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN01598734/index.html",
"@id": "JVN#01598734",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2648",
"@id": "CVE-2012-2648",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2648",
"@id": "CVE-2012-2648",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "GoodReader vulnerable to cross-site scripting"
}
var-201208-0739
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser. GoodReader contains a cross-site scripting vulnerability. GoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When GoodReader is used through a web browser, an arbitrary script may be executed on the user's web browser. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. GoodReader 3.16 and prior versions for iPad are vulnerable. GoodReader 3.15.1 and prior versions for iPhone and iPod touch are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0739",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.7"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.6"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.4"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.2"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.5.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.3"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.5"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "1.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.6,
"vendor": "goodiware",
"version": "2.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.3,
"vendor": "goodiware",
"version": "3.15.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.1.2"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.10.3"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.11.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.2.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.10.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.13.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.3.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.15.0"
},
{
"model": "goodreader",
"scope": "lte",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.15.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "2.8.5"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "2.8.2"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.0.2"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.2.3"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.4.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.5.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.8.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.11.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.10.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.7.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.14.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.14.2"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.0.3"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.5.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.6.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.14.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.12.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.13.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.10.2"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.3.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.2.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.7.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.6.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "2.8.4"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "2.8"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.0.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.4.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "2.7.4"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.8.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.1.0"
},
{
"model": "goodreader",
"scope": "lte",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.16"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.0.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.9.0"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.9.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 1.0,
"vendor": "goodiware",
"version": "3.12.0"
},
{
"model": "goodreader",
"scope": "lte",
"trust": 0.8,
"vendor": "goodiware",
"version": "for ipad 3.16"
},
{
"model": "goodreader",
"scope": "lte",
"trust": 0.8,
"vendor": "goodiware",
"version": "for iphone / ipod touch 3.15.1"
},
{
"model": "goodreader",
"scope": "eq",
"trust": 0.3,
"vendor": "goodiware",
"version": "3.16"
},
{
"model": "goodreader",
"scope": "ne",
"trust": 0.3,
"vendor": "goodiware",
"version": "3.17.1"
},
{
"model": "goodreader",
"scope": "ne",
"trust": 0.3,
"vendor": "goodiware",
"version": "3.17"
}
],
"sources": [
{
"db": "BID",
"id": "54872"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
},
{
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:goodiware:goodreader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keigo Yamazaki of LAC Co. Ltd",
"sources": [
{
"db": "BID",
"id": "54872"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2648",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-2648",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2012-000073",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-55929",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2648",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2012-000073",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-053",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55929",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55929"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
},
{
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser. GoodReader contains a cross-site scripting vulnerability. GoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When GoodReader is used through a web browser, an arbitrary script may be executed on the user\u0027s web browser. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. \nGoodReader 3.16 and prior versions for iPad are vulnerable. \nGoodReader 3.15.1 and prior versions for iPhone and iPod touch are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2648"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "BID",
"id": "54872"
},
{
"db": "VULHUB",
"id": "VHN-55929"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2648",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVN01598734",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073",
"trust": 2.5
},
{
"db": "CNNVD",
"id": "CNNVD-201208-053",
"trust": 0.7
},
{
"db": "BID",
"id": "54872",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-55929",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55929"
},
{
"db": "BID",
"id": "54872"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
},
{
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"id": "VAR-201208-0739",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55929"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:27:31.464000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "GoodReader",
"trust": 0.8,
"url": "http://www.goodiware.com/goodreader.html"
},
{
"title": "Apple iPad/iPhone/iPod touch iOS Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203177"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55929"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://jvn.jp/en/jp/jvn01598734/index.html"
},
{
"trust": 1.7,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2012-000073"
},
{
"trust": 1.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2648"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2648"
},
{
"trust": 0.3,
"url": "http://software.cisco.com/download/navigator.html?mdfid=283613663"
},
{
"trust": 0.3,
"url": "http://www.goodreader.net/goodreader.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55929"
},
{
"db": "BID",
"id": "54872"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
},
{
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-55929"
},
{
"db": "BID",
"id": "54872"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
},
{
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-55929"
},
{
"date": "2012-08-07T00:00:00",
"db": "BID",
"id": "54872"
},
{
"date": "2012-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"date": "2012-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-053"
},
{
"date": "2012-08-07T19:55:02.187000",
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-55929"
},
{
"date": "2012-08-07T00:00:00",
"db": "BID",
"id": "54872"
},
{
"date": "2012-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-000073"
},
{
"date": "2022-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-053"
},
{
"date": "2024-11-21T01:39:21.223000",
"db": "NVD",
"id": "CVE-2012-2648"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GoodReader vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-000073"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-053"
}
],
"trust": 0.6
}
}