Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4511

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-4511
Last Modified 11 Oct 2013 10:37:08
Published 22 Oct 2012 07:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4511

Summary

services/flickr/flickr.c in libsocialweb before 0.25.21 automatically connects to Flickr when no Flickr account is set, which might allow remote attackers to obtain sensitive information via a man-in-the-middle (MITM) attack.

Vulnerable Systems

Application

  • Bastien Nocera Libsocialweb 0.25.7

  • Rob Bradford Libsocialweb 0.25.0

  • Rob Bradford Libsocialweb 0.25.11

  • Rob Bradford Libsocialweb 0.25.12

  • Rob Bradford Libsocialweb 0.25.14

  • Rob Bradford Libsocialweb 0.25.15

  • Rob Bradford Libsocialweb 0.25.16

  • Rob Bradford Libsocialweb 0.25.17

  • Rob Bradford Libsocialweb 0.25.18

  • Rob Bradford Libsocialweb 0.25.2

  • Rob Bradford Libsocialweb 0.25.3

  • Rob Bradford Libsocialweb 0.25.4

  • Rob Bradford Libsocialweb 0.25.6

  • Rob Bradford Libsocialweb 0.25.8

  • Rob Bradford Libsocialweb 0.25.9

  • Ross Burton Libsocialweb 0.25.1

  • Ross Burton Libsocialweb 0.25.10

  • Ross Burton Libsocialweb 0.25.13

  • Ross Burton Libsocialweb 0.25.19

  • Ross Burton Libsocialweb 0.25.20

  • Ross Burton Libsocialweb 0.25.5


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=863206

MLIST - [oss-security] 20121010 Re: CVE request: libsocialweb untrusted connection to flickr

MLIST - [oss-security] 20121010 CVE request: libsocialweb untrusted connection to flickr

CONFIRM - http://git.gnome.org/browse/libsocialweb/commit/?id=8c28ae1d5db5529020652cee3700c75341625503

MLIST - [oss-security] 20121023 Wrong affected version in the CVE-2012-4511


Last Updated: 27 May 2016 11:01:14