[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253650

 
 

909

 
 

197367

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-3466Date: (C)2012-10-23   (M)2023-12-22


GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.4
Exploit Score: 3.4
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
MDVSA-2013:084
http://www.openwall.com/lists/oss-security/2012/08/09/2
http://www.openwall.com/lists/oss-security/2012/08/09/1
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683655
http://git.gnome.org/browse/gnome-keyring/commit/?id=51606f299e5ee9d48096db0a5957efe26cbf7cc3
http://git.gnome.org/browse/gnome-keyring/commit/?id=5dff623470b859e332dbe12afb0dc57b292832d2
https://bugzilla.gnome.org/show_bug.cgi?id=681081
https://bugzilla.redhat.com/show_bug.cgi?id=845426
openSUSE-SU-2012:1121

CPE    2
cpe:/a:gnome:gnome-keyring:3.4.0
cpe:/a:gnome:gnome-keyring:3.4.1
CWE    1
CWE-264
OVAL    1
oval:org.secpod.oval:def:104134

© SecPod Technologies