Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2012-4930
HistorySep 15, 2012 - 6:55 p.m.

CVE-2012-4930

2012-09-1518:55:00
Debian Security Bug Tracker
security-tracker.debian.org
12

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

JSON

The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a “CRIME” attack.

OSVersionArchitecturePackageVersionFilename
Debian9allchromium-browser< 70.0.3538.110-1~deb9u1chromium-browser_70.0.3538.110-1~deb9u1_all.deb

Related

avleonov 1
prion 1
nessus 8
mozilla 1
cve 2
f5 3
seebug 1
ubuntucve 1
openvas 2
checkpoint_security 1
securityvulns 1
rosalinux 1
avleonov
avleonov
Kenna Security: Analyzing Vulnerability Scan data
2018-01-20 22:27:03
prion
prion
Design/Logic Flaw
2012-09-15 18:55:00
nessus
nessus
F5 Networks BIG-IP : CRIME vulnerability via the SPDY protocol (K14059)
2016-01-28 00:00:00
Transport Layer Security (TLS) Protocol CRIME Vulnerability
2012-10-16 00:00:00
SeaMonkey < 2.12.0 Multiple Vulnerabilities
2012-08-29 00:00:00
mozilla
mozilla
SPDY information disclosure — Mozilla
2012-09-21 00:00:00
cve
cve
CVE-2012-4930
2012-09-15 18:55:00
CVE-2012-3977
2012-10-09 11:13:00
f5
f5
K14059 : CRIME vulnerability via the SPDY protocol CVE-2012-4930
2015-04-29 00:00:00
SOL14059 - CRIME vulnerability via the SPDY protocol CVE-2012-4930
2012-12-19 00:00:00
CRIME vulnerability via the SPDY protocol CVE-2012-4930
2012-12-19 23:42:00
seebug
seebug
SPDY protocol &lt;=3 协议信息泄露漏洞
2012-09-18 00:00:00
ubuntucve
ubuntucve
CVE-2012-4930
2012-09-15 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-73) - Linux
2021-11-11 00:00:00
SSL/TLS: TLS/SPDY Protocol Information Disclosure Vulnerability (CRIME)
2017-03-09 00:00:00
checkpoint_security
checkpoint_security
Check Point response to CVE-2012-4929, CVE-2012-4930 aka CRIME attack
2012-10-20 22:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-10-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2371
2024-03-12 12:37:38

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

JSON
Related for DEBIANCVE:CVE-2012-4930
avleonov1prion1nessus8mozilla1cve2f53seebug1ubuntucve1openvas2checkpoint_security1securityvulns1rosalinux1