Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2012-3466 - CERT CVE
CVE-2012-3466
ID
CVE-2012-3466
Sažetak
GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.
Reference
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683655
http://git.gnome.org/browse/gnome-keyring/commit/?id=51606f299e5ee9d48096db0a5957efe26cbf7cc3
http://git.gnome.org/browse/gnome-keyring/commit/?id=5dff623470b859e332dbe12afb0dc57b292832d2
http://lists.opensuse.org/opensuse-updates/2012-09/msg00037.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:084
http://www.openwall.com/lists/oss-security/2012/08/09/1
http://www.openwall.com/lists/oss-security/2012/08/09/2
https://bugzilla.gnome.org/show_bug.cgi?id=681081
https://bugzilla.redhat.com/show_bug.cgi?id=845426
CVSS
Base:
4.4
Impact:
6.4
Exploitability:
3.4
Pristup
Vektor
Složenost
Autentikacija
LOCAL
MEDIUM
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
PARTIAL
PARTIAL
CVSS vektor
AV:L/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje
05-12-2013 - 05:15
Objavljeno
22-10-2012 - 23:55