Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

RootSSV:60296

HistoryJul 27, 2012 - 12:00 a.m.

Apple XCode 4.x 信息泄露漏洞

2012-07-2700:00:00

Root

www.seebug.org

0.003 Low

EPSS

Percentile

66.1%

JSON

BUGTRAQ ID: 54679
CVE ID: CVE-2012-3698,CVE-2011-3389

Xcode是苹果机器上所使用的开发工具。

Apple Xcode 4.4之前版本在实现上存在安全漏洞，可被恶意用户利用泄露敏感信息，劫持用户会话，绕过某些安全限制。

1） SSL 3.0和TLS 1.0协议的实现中存在设计错误。
2） DR实现中的错误可允许App Store应用访问用Xcode构建的Helper工具中的密钥链项目。
0
Apple XCode 4.x
厂商补丁：

Apple

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

http://support.apple.com/

nessus 44

cve 3

prion 2

fedora 25

checkpoint_security 1

openvas 77

ibm 9

cert 1

veracode 2

mskb 1

debiancve 1

checkpoint_advisories 2

seebug 1

ics 2

securityvulns 11

debian 5

freebsd 2

ubuntucve 1

rubygems 1

f5 2

osv 4

rapid7blog 1

gentoo 1

nessus

Apple Xcode < 4.4 Multiple Vulnerabilities (Mac OS X) (BEAST)

2012-08-03 00:00:00

Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)

2014-02-07 00:00:00

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)

2012-04-16 00:00:00

cve

CVE-2012-3698

2012-07-26 19:55:00

CVE-2011-3389

2011-09-06 19:55:00

CVE-2004-2770

2011-09-25 10:55:00

prion

Code injection

2012-07-26 19:55:00

Session fixation

2011-09-06 19:55:00

fedora

[SECURITY] Fedora 15 Update: nss-util-3.13.1-3.fc15

2012-01-22 05:26:28

[SECURITY] Fedora 15 Update: xulrunner-9.0.1-1.fc15

2012-01-22 05:26:29

[SECURITY] Fedora 15 Update: nspr-4.8.9-2.fc15

2012-01-22 05:26:29

checkpoint_security

Check Point response to CVE-2011-3389 aka BEAST attack

2012-10-15 22:00:00

openvas

Fedora Update for thunderbird-lightning FEDORA-2011-17399

2012-01-23 00:00:00

Fedora Update for firefox FEDORA-2011-17399

2012-01-23 00:00:00

Fedora Update for firefox FEDORA-2011-17400

2012-04-02 00:00:00

ibm

Security Bulletin: Vulnerabilities in SSL and TLS protocols affect the IBM FlashSystem V840 (CVE-2011-3389)

2018-06-18 00:09:28

Security Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS (BEAST) Mitigations (CVE-2011-3389)

2022-05-16 16:03:13

Security Bulletin: Vulnerability in Transport Layer Security Protocol Used in IBM System Networking Ethernet Switches (CVE-2011-3389)

2022-09-26 22:21:32

cert

SSL 3.0 and TLS 1.0 allow chosen plaintext attack in CBC modes

2011-09-27 00:00:00

veracode

Man-in-the-Middle (MitM)

2019-05-02 04:55:58

Blockwise Chosen-boundary Attacks

2017-04-27 06:38:37

mskb

MS12-006: Vulnerability in SSL/TLS could allow information disclosure: January 10, 2012

2012-01-10 00:00:00

debiancve

CVE-2011-3389

2011-09-06 19:55:00

checkpoint_advisories

Preemptive Protection against SSL and TLS Protocols Information Disclosure (MS12-006; CVE-2011-3389)

2012-01-10 00:00:00

Web Servers SSL Flooding Denial of Service (CVE-2011-3389)

2011-11-06 00:00:00

seebug

Microsoft Windows SSL/TLS信息泄露漏洞

2011-09-29 00:00:00

ics

Siemens Ruggedcom WIN Products BEAST Attack Vulnerability

2018-09-06 12:00:00

Siemens SIMATIC RF6XXR

2019-07-11 12:00:00

securityvulns

ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

2014-05-05 00:00:00

ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

2012-10-29 00:00:00

lighthttpd security vulnerabilities

2012-01-02 00:00:00

debian

[SECURITY] [DSA 2398-2] curl regression

2012-03-31 19:38:57

[SECURITY] [DSA 2368-1] lighttpd security update

2011-12-21 00:24:51

[SECURITY] [DSA 2398-1] curl security update

2012-01-30 19:49:07

freebsd

fetchmail -- chosen plaintext attack against SSL CBC initialization vectors

2012-01-19 00:00:00

asterisk -- Multiple vulnerabilities

2016-02-03 00:00:00

ubuntucve

CVE-2011-3389

2011-11-16 00:00:00

rubygems

CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

2011-08-31 00:00:00

SOL13400 - SSL 3.0/TLS 1.0 BEAST vulnerability CVE-2011-3389 and TLS protocol vulnerability CVE-2012-1870

2012-03-06 00:00:00

K13400 : SSL 3.0/TLS 1.0 vulnerability CVE-2011-3389 and TLS protocol vulnerability CVE-2012-1870

2015-06-16 00:00:00

osv

curl - several

2012-03-31 00:00:00

lighttpd - several

2011-12-20 00:00:00

nss - security update

2015-02-16 00:00:00

rapid7blog

New Rapid7 MDR Essentials Capability Sees What Attackers See: “It’s Eye-Opening”

2021-09-01 13:11:33

gentoo

cURL: Multiple vulnerabilities

2012-03-06 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.003 Low

EPSS

Percentile

66.1%

JSON

Related for SSV:60296