CVE-2012-4930
Published at:
-
15-09-2012 08:55
Last modified:
-
19-10-2022 06:46
Total changes:
-
5
Description
Common Vulnerability Scoring System (CVSS)
High
Attack complexity
Network
Attack vector
None
Availability
Low
Confidentiality
None
Integrity
-
Privileges required
-
Scope
-
User interaction
2.6
Base score
4.9
2.9
Exploitability score
Impact score
Verification logic
Reference
- http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/
- http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091
- http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312
- http://www.theregister.co.uk/2012/09/14/crime_tls_attack/
- http://www.ekoparty.org/2012/thai-duong.php
- https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
- http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html
- https://bugzilla.redhat.com/show_bug.cgi?id=857737
- SUSE-SU-2012:1351-
Keywords