var-201211-0023
Vulnerability from variot
Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability.". Microsoft IIS is prone to an information-disclosure vulnerability. An attacker can exploit this vulnerability to obtain sensitive information that may lead to further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Awareness System
US-CERT Alert TA12-318A Microsoft Updates for Multiple Vulnerabilities
Original release date: November 13, 2012 Last revised: --
Systems Affected
* Microsoft Windows
* Microsoft Office
* Microsoft .NET Framework
* Internet Explorer
Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
Description
The Microsoft Security Bulletin Summary for November 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.
Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.
Solution
Apply Updates
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.
References
-
Microsoft Security Bulletin Summary for November 2012 http://technet.microsoft.com/en-us/security/bulletin/ms12-nov
-
Microsoft Windows Server Update Services http://technet.microsoft.com/en-us/wsus/default.aspx
-
Microsoft Update http://www.update.microsoft.com/
-
Microsoft Update Overview http://www.microsoft.com/security/updates/mu.aspx
-
Turn Automatic Updating On or Off http://windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off
Revision History
November 13, 2012: Initial release
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA12-318A Feedback VU#970852" in the subject.
Produced by US-CERT, a government organization.
This product is provided subject to this Notification: http://www.us-cert.gov/privacy/notification.html
Privacy & Use policy: http://www.us-cert.gov/privacy/
This document can also be found at http://www.us-cert.gov/cas/techalerts/TA12-318A.html
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBUKKbnXdnhE8Qi3ZhAQLN4gf+KyOiTaktnc1wbWdbBogH12NJbOR5Y7PR DRpdn+3Iqyua02oxy2bXy3C/uV1xz2FlRylXS7PRNdka8RboUUOP3jY4DADR2UW/ GCtxskzWydk+w8OT8OvGiwD5TPaUXb/OawDEN5HW2R/Q+vZAcnGvOeuWbvCjM1hB tPUsQLM8QEXQ0oIPelTVBGlBKAXaYdkekTJcpx5sJC1qUn+976hFsajHugBOk06U lEhvTK7eiMpQOeQ0RYeMd8V4cP6h+WYTjxzruckfP4HwMeJARuq6UnTDzZ8mKYws sqs4xqaTr+8eOnoM7G1/7MMDhS2epvbbt7J/MXFp6tc0nVaLnskIQA== =/QVO -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iis",
"scope": "eq",
"trust": 1.7,
"vendor": "microsoft",
"version": "7.5"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x32) sp1 before"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64) sp1 before"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2(itanium) sp1 before"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2(x64) sp1 before"
},
{
"model": "windows vista service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20"
},
{
"model": "windows server r2 itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server r2 itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20080"
},
{
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server r2 for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20080"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "70"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "70"
},
{
"model": "internet information server",
"scope": "eq",
"trust": 0.1,
"vendor": "microsoft",
"version": "7.5"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"db": "BID",
"id": "56439"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-229"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:microsoft:iis",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_7",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_server_2008",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Justin Royce of ProDX",
"sources": [
{
"db": "BID",
"id": "56439"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2531",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2012-2531",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2531",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2012-2531",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-229",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2012-2531",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-229"
},
{
"db": "NVD",
"id": "CVE-2012-2531"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka \"Password Disclosure Vulnerability.\". Microsoft IIS is prone to an information-disclosure vulnerability. \nAn attacker can exploit this vulnerability to obtain sensitive information that may lead to further attacks. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNational Cyber Awareness System\n\nUS-CERT Alert TA12-318A\nMicrosoft Updates for Multiple Vulnerabilities\n\nOriginal release date: November 13, 2012\nLast revised: --\n\nSystems Affected\n\n * Microsoft Windows\n * Microsoft Office\n * Microsoft .NET Framework\n * Internet Explorer\n\n\nOverview\n\n Select Microsoft software products contain multiple\n vulnerabilities. Microsoft has released updates to address these\n vulnerabilities. \n\n\nDescription\n\n The Microsoft Security Bulletin Summary for November 2012 describes\n multiple vulnerabilities in Microsoft software. Microsoft has\n released updates to address the vulnerabilities. \n\n\nImpact\n\n A remote, unauthenticated attacker could execute arbitrary code,\n cause a denial of service, or gain unauthorized access to your\n files or system. \n\n\nSolution\n\n Apply Updates\n\n Microsoft has provided updates for these vulnerabilities in the\n Microsoft Security Bulletin Summary for November 2012, which\n describes any known issues related to the updates. Administrators\n are encouraged to note these issues and test for any potentially\n adverse effects. In addition, administrators should consider using\n an automated update distribution system such as Windows Server\n Update Services (WSUS). Home users are encouraged to enable\n automatic updates. \n\n\nReferences\n\n * Microsoft Security Bulletin Summary for November 2012\n \u003chttp://technet.microsoft.com/en-us/security/bulletin/ms12-nov\u003e\n\n * Microsoft Windows Server Update Services\n \u003chttp://technet.microsoft.com/en-us/wsus/default.aspx\u003e\n\n * Microsoft Update\n \u003chttp://www.update.microsoft.com/\u003e\n\n * Microsoft Update Overview\n \u003chttp://www.microsoft.com/security/updates/mu.aspx\u003e\n\n * Turn Automatic Updating On or Off\n \u003chttp://windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off\u003e\n\n\nRevision History\n\n November 13, 2012: Initial release\n\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA12-318A Feedback VU#970852\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. \n ____________________________________________________________________\n\nThis product is provided subject to this Notification: \nhttp://www.us-cert.gov/privacy/notification.html\n\nPrivacy \u0026 Use policy: \nhttp://www.us-cert.gov/privacy/\n\nThis document can also be found at\nhttp://www.us-cert.gov/cas/techalerts/TA12-318A.html\n\nFor instructions on subscribing to or unsubscribing from this \nmailing list, visit http://www.us-cert.gov/cas/signup.html\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBUKKbnXdnhE8Qi3ZhAQLN4gf+KyOiTaktnc1wbWdbBogH12NJbOR5Y7PR\nDRpdn+3Iqyua02oxy2bXy3C/uV1xz2FlRylXS7PRNdka8RboUUOP3jY4DADR2UW/\nGCtxskzWydk+w8OT8OvGiwD5TPaUXb/OawDEN5HW2R/Q+vZAcnGvOeuWbvCjM1hB\ntPUsQLM8QEXQ0oIPelTVBGlBKAXaYdkekTJcpx5sJC1qUn+976hFsajHugBOk06U\nlEhvTK7eiMpQOeQ0RYeMd8V4cP6h+WYTjxzruckfP4HwMeJARuq6UnTDzZ8mKYws\nsqs4xqaTr+8eOnoM7G1/7MMDhS2epvbbt7J/MXFp6tc0nVaLnskIQA==\n=/QVO\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2531"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"db": "BID",
"id": "56439"
},
{
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"db": "PACKETSTORM",
"id": "118116"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2531",
"trust": 2.8
},
{
"db": "BID",
"id": "56439",
"trust": 2.0
},
{
"db": "USCERT",
"id": "TA12-318A",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-229",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2012-2531",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118116",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"db": "BID",
"id": "56439"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"db": "PACKETSTORM",
"id": "118116"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-229"
},
{
"db": "NVD",
"id": "CVE-2012-2531"
}
]
},
"id": "VAR-201211-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-11-23T21:45:53.432000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS12-073",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/bulletin/ms12-073"
},
{
"title": "MS12-073",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/bulletin/ms12-073"
},
{
"title": "TA12-318A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta12-318a.html"
},
{
"title": "shodan-playing",
"trust": 0.1,
"url": "https://github.com/dominicporter/shodan-playing "
},
{
"title": "copycat",
"trust": 0.1,
"url": "https://github.com/entynetproject/copycat "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"db": "NVD",
"id": "CVE-2012-2531"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/56439"
},
{
"trust": 1.7,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-073"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15959"
},
{
"trust": 0.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta12-318a.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2531"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120035.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta12-318a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2531"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windowsserver2003/iis/default.mspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/56439"
},
{
"trust": 0.1,
"url": "https://github.com/dominicporter/shodan-playing"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://windows.microsoft.com/en-us/windows-vista/turn-automatic-updating-on-or-off\u003e"
},
{
"trust": 0.1,
"url": "http://www.update.microsoft.com/\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/security/updates/mu.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/wsus/default.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/bulletin/ms12-nov\u003e"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"db": "BID",
"id": "56439"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"db": "PACKETSTORM",
"id": "118116"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-229"
},
{
"db": "NVD",
"id": "CVE-2012-2531"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"db": "BID",
"id": "56439"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"db": "PACKETSTORM",
"id": "118116"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-229"
},
{
"db": "NVD",
"id": "CVE-2012-2531"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-14T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"date": "2012-11-13T00:00:00",
"db": "BID",
"id": "56439"
},
{
"date": "2012-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"date": "2012-11-15T02:44:59",
"db": "PACKETSTORM",
"id": "118116"
},
{
"date": "2012-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-229"
},
{
"date": "2012-11-14T00:55:01.547000",
"db": "NVD",
"id": "CVE-2012-2531"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-05T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2531"
},
{
"date": "2012-11-20T12:10:00",
"db": "BID",
"id": "56439"
},
{
"date": "2012-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005346"
},
{
"date": "2019-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-229"
},
{
"date": "2024-11-21T01:39:11.930000",
"db": "NVD",
"id": "CVE-2012-2531"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "56439"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-229"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Information Services Vulnerabilities in which authentication information is discovered",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005346"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-229"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.