NVD

Id
44030  
Name
CVE-2012-2191  
Description
IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC timing attack, which allows remote attackers to cause a denial of service (application crash) via crafted values in the TLS Record Layer, a different vulnerability than CVE-2012-2333.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2012-08-08  
Modified Date
2013-08-17  
Seq
2012-2191  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
221287 44030 CVE-2012-2191 IV31980  View
221288 44030 CVE-2012-2191 IV31981  View
221289 44030 CVE-2012-2191 http://www-01.ibm.com/support/docview.wss?uid=swg21606145  View
221290 44030 CVE-2012-2191 54743  View
221291 44030 CVE-2012-2191 rds-recordlayer-dos(75996)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27809 JVNDB-2012-003516 IBM Global Security Kit におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 IBM Rational Directory Server、IBM Tivoli Directory Server およびその他の製品で使用される IBM Global Security Kit は、Vaudenay SSL CBC タイミング攻撃に対する保護メカニズム実行中にデータを適切に検証しないため、サービス運用妨害 (アプリケーションクラッシュ) 状態となる脆弱性が存在します。 CVE-2012-2191 55429 CVE-2012-2191 44030 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003516.html 2012-08-08 2012-08-10 View