Information disclosure in Vino - CVE-2012-4429

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU43454

Information disclosure in Vino - CVE-2012-4429

Published: October 1, 2012 / Updated: August 11, 2020


Vulnerability identifier: #VU43454
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2012-4429
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Gnome Development Team
Affected software:
Vino

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.


How to mitigate CVE-2012-4429

Install update from vendor's website.

Sources