CVE-2012-4929

Description

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.

References

Link	Tags
http://marc.info/?l=bugtraq&m=136612293908376&w=2	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0587.html	vendor advisory
http://www.debian.org/security/2012/dsa-2579	vendor advisory
https://gist.github.com/3696912
http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html	vendor advisory
http://www.ubuntu.com/usn/USN-1898-1	vendor advisory
https://chromiumcodereview.appspot.com/10825183
http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html	vendor advisory
http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312
http://www.debian.org/security/2015/dsa-3253	vendor advisory
http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html	vendor advisory
https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
https://github.com/mpgn/CRIME-poc
http://news.ycombinator.com/item?id=4510829
http://support.apple.com/kb/HT5784
http://www.theregister.co.uk/2012/09/14/crime_tls_attack/
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html	vendor advisory
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html	third party advisory
http://www.ubuntu.com/usn/USN-1627-1	vendor advisory
http://www.debian.org/security/2013/dsa-2627	vendor advisory
http://code.google.com/p/chromium/issues/detail?id=139744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920	vdb entry signature
http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/
http://www.securityfocus.com/bid/55704	vdb entry
http://www.ubuntu.com/usn/USN-1628-1	vendor advisory
https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212
http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512
http://www.ekoparty.org/2012/thai-duong.php
http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html	vendor advisory
http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor
http://jvn.jp/en/jp/JVN65273415/index.html	third party advisory
https://bugzilla.redhat.com/show_bug.cgi?id=857051

Frequently Asked Questions

What is the severity of CVE-2012-4929?: CVE-2012-4929 has been scored as a low severity vulnerability.
How to fix CVE-2012-4929?: To fix CVE-2012-4929, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2012-4929 being actively exploited in the wild?: It is possible that CVE-2012-4929 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~13% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-310 – Cryptographic Issues

References

Frequently Asked Questions