Mozilla · Firefox · CVE-2012-0450
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions 4.x through 9.0
SeaMonkey versions prior to 2.7
**Description**
The issue allows local users to potentially read a Firefox Sync key via standard filesystem operations due to weak permissions set for Firefox Recovery Key.html on Linux and Mac OS X systems.
**Recommendations**
For Mozilla Firefox versions 4.x through 9.0, update to a version outside of this range to resolve the issue.
For SeaMonkey versions prior to 2.7, update to version 2.7 or later to resolve the issue.