Vulnerability CVE-2012-6109

Vulnerability Name:

CVE-2012-6109 (CCN-81342)

Assigned:

2012-12-06

Published:

2013-01-15

Updated:

2023-02-13

Summary:

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2012-6109

Source: CCN
Type: Rack Web site
Rack

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2013-0544
Important: Subscription Asset Manager 1.2 update

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2013-0548
Moderate: CloudForms Common 1.1.2 update

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: SA51815
Rack Multiple Denial of Service Vulnerabilities

Source: CCN
Type: BID-58767
Rack 'lib/rack/multipart.rb' CVE-2012-6109 Denial of Service Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 895277
CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
rack-engine-dos(81342)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:26222	P	Security update for virglrenderer (Important) (in QA)	2022-01-17
oval:org.opensuse.security:def:26223	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:26188	P	Security update for gegl (Important)	2021-12-28
oval:org.opensuse.security:def:26124	P	Security update for openssl-1_1 (Low)	2021-09-09
oval:org.opensuse.security:def:26113	P	Security update for mysql-connector-java (Moderate)	2021-08-30
oval:org.opensuse.security:def:26112	P	Security update for sssd (Important)	2021-08-30
oval:org.opensuse.security:def:20126109	V	CVE-2012-6109	2021-08-15
oval:org.opensuse.security:def:36563	P	rubygem-rack-1_4-1.4.5-0.5.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26212	P	Security update for python3 (Moderate)	2021-03-19
oval:org.opensuse.security:def:26211	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:26210	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:26496	P	Security update for tmux (Moderate)	2020-12-01
oval:org.opensuse.security:def:26286	P	Security update for libcdio (Low)	2020-12-01
oval:org.opensuse.security:def:27526	P	opensc-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26929	P	kdenetwork4-filesharing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26840	P	wireshark on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26538	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26415	P	Security update for python-Django (Moderate)	2020-12-01
oval:org.opensuse.security:def:27659	P	Security update for rubygem-rack	2020-12-01
oval:org.opensuse.security:def:26888	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26890	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26787	P	nagios on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26454	P	Security update for python-Jinja2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:27624	P	Security update for inn	2020-12-01
oval:org.opensuse.security:def:26844	P	xorg-x11-Xvnc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26841	P	xdg-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26636	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26397	P	Security update for plasma5-workspace (Important)	2020-12-01
oval:org.opensuse.security:def:27660	P	Security update for rubygem-rack	2020-12-01
oval:org.opensuse.security:def:26986	P	logwatch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26830	P	t1lib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26788	P	nagios-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26552	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26316	P	Recommended update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27625	P	Security update for java-1_4_2-ibm	2020-12-01
oval:org.opensuse.security:def:26942	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26791	P	openslp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26637	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26495	P	Security update for phpMyAdmin (Important)	2020-12-01
oval:org.opensuse.security:def:26987	P	lvm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26928	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26742	P	libcgroup1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26553	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26414	P	Security update for python-Django (Moderate)	2020-12-01
oval:org.opensuse.security:def:27561	P	rubygem-rack-1_4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26943	P	libcap-progs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26889	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26689	P	ed on GA media (Moderate)	2020-12-01
oval:com.ubuntu.precise:def:20126109000	V	CVE-2012-6109 on Ubuntu 12.04 LTS (precise) - low.	2013-03-01
oval:com.ubuntu.xenial:def:201261090000000	V	CVE-2012-6109 on Ubuntu 16.04 LTS (xenial) - low.	2013-03-01
oval:com.ubuntu.trusty:def:20126109000	V	CVE-2012-6109 on Ubuntu 14.04 LTS (trusty) - low.	2013-03-01
oval:com.ubuntu.xenial:def:20126109000	V	CVE-2012-6109 on Ubuntu 16.04 LTS (xenial) - low.	2013-03-01

BACK