5.8
CVE-2012-4511
- EPSS 0.72%
- Veröffentlicht 22.10.2012 23:55:07
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Loginservices/flickr/flickr.c in libsocialweb before 0.25.21 automatically connects to Flickr when no Flickr account is set, which might allow remote attackers to obtain sensitive information via a man-in-the-middle (MITM) attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gnome ≫ Libsocialweb Version <= 0.25.20
Gnome ≫ Libsocialweb Version0.25.0
Gnome ≫ Libsocialweb Version0.25.1
Gnome ≫ Libsocialweb Version0.25.2
Gnome ≫ Libsocialweb Version0.25.3
Gnome ≫ Libsocialweb Version0.25.4
Gnome ≫ Libsocialweb Version0.25.5
Gnome ≫ Libsocialweb Version0.25.6
Gnome ≫ Libsocialweb Version0.25.7
Gnome ≫ Libsocialweb Version0.25.8
Gnome ≫ Libsocialweb Version0.25.9
Gnome ≫ Libsocialweb Version0.25.10
Gnome ≫ Libsocialweb Version0.25.11
Gnome ≫ Libsocialweb Version0.25.12
Gnome ≫ Libsocialweb Version0.25.13
Gnome ≫ Libsocialweb Version0.25.14
Gnome ≫ Libsocialweb Version0.25.15
Gnome ≫ Libsocialweb Version0.25.16
Gnome ≫ Libsocialweb Version0.25.17
Gnome ≫ Libsocialweb Version0.25.18
Gnome ≫ Libsocialweb Version0.25.19
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.72% | 0.702 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.