CVE-2012-5184

{"id": "CVE-2012-5184", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-01-19T20:55:00.853", "references": [{"url": "http://jvn.jp/en/jp/JVN91881278/index.html", "source": "vultures@jpcert.or.jp"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000001", "source": "vultures@jpcert.or.jp"}, {"url": "https://itunes.apple.com/us/app/documents-pro/id374142847", "source": "vultures@jpcert.or.jp"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Olive Toast Documents Pro File Viewer (formerly Files HD) app before 1.11.1 for iOS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en la aplicaci\u00f3n Olive Toast Documents Pro File Viewer (antes Files HD) para iOS que permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."}], "lastModified": "2013-01-21T05:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:olivetoast:documents_pro_file_viewer:*:-:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "9D5AAD60-9B08-4F16-B93C-273D61B999CA", "versionEndIncluding": "1.11"}], "operator": "OR"}]}], "sourceIdentifier": "vultures@jpcert.or.jp"}