NVD

Id
47347  
Name
CVE-2012-6702  
Description
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-06-16  
Modified Date
2016-11-29  
Seq
2012-6702  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
236665 47347 CVE-2012-6702 DSA-3597  View
236666 47347 CVE-2012-6702 [oss-security] 20160603 Re: expat hash collision fix too predictable?  View
236667 47347 CVE-2012-6702 [oss-security] 20160603 Re: expat hash collision fix too predictable?  View
236668 47347 CVE-2012-6702 91483  View
236669 47347 CVE-2012-6702 USN-3010-1  View
236670 47347 CVE-2012-6702 https://source.android.com/security/bulletin/2016-11-01.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30646 JVNDB-2012-006354 Expat における暗号保護メカニズムを破られる脆弱性 Expat には、XML_SetHashSalt を呼び出さない、またはそれを 0 のシードに渡さないパーサで使用される場合、暗号保護メカニズムを破られる脆弱性が存在します。 CVE-2012-6702 59940 CVE-2012-6702 47347 4.3 5.9 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006354.html 2012-04-05 2016-06-20 View