CVE-2012-6702
Description
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.633
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| XML parsing C library (USN-3010-1) libexpat1_2.1.0-4ubuntu1.3_i386.deb | Linux |
| XML parsing C library (USN-3010-1) libexpat1_2.1.0-4ubuntu1.3_amd64.deb | Linux |
| XML parsing C library (USN-3010-1) libexpat1_2.0.1-7.2ubuntu1.4_i386.deb | Linux |
| XML parsing C library (USN-3010-1) libexpat1_2.0.1-7.2ubuntu1.4_amd64.deb | Linux |
| XML parsing C library (USN-3010-1) libexpat1_2.1.0-7ubuntu0.15.10.2_i386.deb | Linux |
| XML parsing C library (USN-3010-1) libexpat1_2.1.0-7ubuntu0.15.10.2_amd64.deb | Linux |
| XML parsing C library (USN-3010-1) libexpat1_2.1.0-7ubuntu0.16.04.2_i386.deb | Linux |
| XML parsing C library (USN-3010-1) libexpat1_2.1.0-7ubuntu0.16.04.2_amd64.deb | Linux |
| XML parsing C library (USN-3010-1) lib64expat1_2.1.0-4ubuntu1.3_i386.deb | Linux |
| XML parsing C library (USN-3010-1) lib64expat1_2.0.1-7.2ubuntu1.4_i386.deb | Linux |
| XML parsing C library (USN-3010-1) lib64expat1_2.1.0-7ubuntu0.15.10.2_i386.deb | Linux |
| XML parsing C library (USN-3010-1) lib64expat1_2.1.0-7ubuntu0.16.04.2_i386.deb | Linux |
| Lightweight RPC library based on XML and HTTP (USN-3013-1) libxmlrpc-c++4_1.16.33-3.1ubuntu5.2_i386.deb | Linux |
| Lightweight RPC library based on XML and HTTP (USN-3013-1) libxmlrpc-c++4_1.16.33-3.1ubuntu5.2_amd64.deb | Linux |
| Lightweight RPC library based on XML and HTTP (USN-3013-1) libxmlrpc-core-c3_1.16.33-3.1ubuntu5.2_i386.deb | Linux |
| Lightweight RPC library based on XML and HTTP (USN-3013-1) libxmlrpc-core-c3_1.16.33-3.1ubuntu5.2_amd64.deb | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) expat-2.1.0-20.2.x86_64.rpm | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) expat-debuginfo-2.1.0-20.2.x86_64.rpm | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) expat-debuginfo-32bit-2.1.0-20.2.x86_64.rpm | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) expat-debugsource-2.1.0-20.2.x86_64.rpm | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) libexpat1-2.1.0-20.2.x86_64.rpm | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) libexpat1-32bit-2.1.0-20.2.x86_64.rpm | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) libexpat1-debuginfo-2.1.0-20.2.x86_64.rpm | Linux |
| SUSE-SU-2017:0424-1(SUSE Linux Enterprise Desktop 12-SP1 ) libexpat1-debuginfo-32bit-2.1.0-20.2.x86_64.rpm | Linux |
| CVE-2012-6702 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234