Vulnerability Name:

CVE-2012-4429 (CCN-78602)

Assigned:2012-06-20
Published:2012-06-20
Updated:2017-08-29
Summary:Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2012-4429

Source: CCN
Type: RHSA-2013-0169
Moderate: vino security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:0169

Source: CCN
Type: SA50527
Vino Clipboard Content Disclosure Security Issue

Source: SECUNIA
Type: Vendor Advisory
50527

Source: MLIST
Type: UNKNOWN
[oss-security] 20120913 CVE request: information leak in vino

Source: MLIST
Type: UNKNOWN
[oss-security] 20120913 Re: CVE request: information leak in vino

Source: BID
Type: UNKNOWN
55548

Source: CCN
Type: BID-55548
Vino CVE-2012-4429 Information Disclosure Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-1701-1

Source: CCN
Type: Red Hat Bugzilla Bug 857250
CVE-2012-4429 vino: information leak and authentication bypass

Source: XF
Type: UNKNOWN
vino-clipboard-info-disclosure(78602)

Source: XF
Type: UNKNOWN
vino-clipboard-info-disclosure(78602)

Source: CCN
Type: GNOME Web site
Vino

Vulnerable Configuration:Configuration 1:
  • cpe:/a:david_king:vino:0.12:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:0.14:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.7:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.7.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.7.91:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.7.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.8:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.8.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.9:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.10:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.11:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.11.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.11.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.11.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.11.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.11.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.12:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.13:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.13.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.14:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.15:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.16:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.17:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.17.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.17.4:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.17.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.17.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.18:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.18.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.19:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.19.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.19.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.19.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.20:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.20.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.21:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.21.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.21.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.21.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.21.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.21.91:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.21.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.22:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.22.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.22.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.23:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.23.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.23.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.23.91:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.23.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.24:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.24.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.25:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.25.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.25.4:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.25.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.25.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.25.91:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.25.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.26:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.26.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.26.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.27:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.27.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.27.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.27.91:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.27.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.28:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.28.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.31.4:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.31.91:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.32.0:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.32.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.99.0:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.99.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.99.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.99.4:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:2.99.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.90:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.91:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.1.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.3.92:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:3.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:david_king:vino:*:*:*:*:*:*:*:* (Version <= 3.4.2)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:18228
    P
    		USN-1701-1 -- vino vulnerability
    2014-06-30
    oval:org.mitre.oval:def:23811
    P
    		ELSA-2013:0169: vino security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:20735
    P
    		RHSA-2013:0169: vino security update (Moderate)
    2014-02-17
    oval:com.redhat.rhsa:def:20130169
    P
    		RHSA-2013:0169: vino security update (Moderate)
    2013-01-21
    oval:com.ubuntu.precise:def:20124429000
    V
    		CVE-2012-4429 on Ubuntu 12.04 LTS (precise) - medium.
    2012-09-30
    BACK
    david_king vino 0.12
    david_king vino 0.14
    david_king vino 2.7
    david_king vino 2.7.3
    david_king vino 2.7.3.1
    david_king vino 2.7.4
    david_king vino 2.7.90
    david_king vino 2.7.91
    david_king vino 2.7.92
    david_king vino 2.8
    david_king vino 2.8.0
    david_king vino 2.8.0.1
    david_king vino 2.8.1
    david_king vino 2.9
    david_king vino 2.9.2
    david_king vino 2.10
    david_king vino 2.11
    david_king vino 2.11.1
    david_king vino 2.11.1.1
    david_king vino 2.11.1.2
    david_king vino 2.11.90
    david_king vino 2.11.92
    david_king vino 2.12
    david_king vino 2.13
    david_king vino 2.13.5
    david_king vino 2.14
    david_king vino 2.15
    david_king vino 2.16
    david_king vino 2.17
    david_king vino 2.17.2
    david_king vino 2.17.4
    david_king vino 2.17.5
    david_king vino 2.17.92
    david_king vino 2.18
    david_king vino 2.18.1
    david_king vino 2.19
    david_king vino 2.19.5
    david_king vino 2.19.90
    david_king vino 2.19.92
    david_king vino 2.20
    david_king vino 2.20.1
    david_king vino 2.21
    david_king vino 2.21.1
    david_king vino 2.21.2
    david_king vino 2.21.3
    david_king vino 2.21.90
    david_king vino 2.21.91
    david_king vino 2.21.92
    david_king vino 2.22
    david_king vino 2.22.1
    david_king vino 2.22.2
    david_king vino 2.23
    david_king vino 2.23.5
    david_king vino 2.23.90
    david_king vino 2.23.91
    david_king vino 2.23.92
    david_king vino 2.24
    david_king vino 2.24.1
    david_king vino 2.25
    david_king vino 2.25.3
    david_king vino 2.25.4
    david_king vino 2.25.5
    david_king vino 2.25.90
    david_king vino 2.25.91
    david_king vino 2.25.92
    david_king vino 2.26
    david_king vino 2.26.1
    david_king vino 2.26.2
    david_king vino 2.27
    david_king vino 2.27.5
    david_king vino 2.27.90
    david_king vino 2.27.91
    david_king vino 2.27.92
    david_king vino 2.28
    david_king vino 2.28.3
    david_king vino 2.31.4
    david_king vino 2.31.91
    david_king vino 2.32.0
    david_king vino 2.32.2
    david_king vino 2.99.0
    david_king vino 2.99.1
    david_king vino 2.99.2
    david_king vino 2.99.3
    david_king vino 2.99.4
    david_king vino 2.99.5
    david_king vino 3.0.0
    david_king vino 3.0.1
    david_king vino 3.0.2
    david_king vino 3.0.3
    david_king vino 3.1
    david_king vino 3.1.1
    david_king vino 3.1.2
    david_king vino 3.1.3
    david_king vino 3.1.4
    david_king vino 3.1.5
    david_king vino 3.1.90
    david_king vino 3.1.91
    david_king vino 3.1.92
    david_king vino 3.2.0
    david_king vino 3.2.1
    david_king vino 3.2.2
    david_king vino 3.3.1
    david_king vino 3.3.3
    david_king vino 3.3.92
    david_king vino 3.4.0
    david_king vino 3.4.1
    david_king vino *