VDB

CVE-2012-6702

CVE-2012-6702 PUBLISHED

Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.

EPSS 0.72% · 72.9th percentile

Risk Scores

EPSS Score
0.72%
72.9th percentile

Affected Products

VendorProductVersions
Ubuntu:14.04:LTSxmlrpc-c1.33.06-0ubuntu1, 1.16.33-3.2ubuntu3, 0
Ubuntu:25.10sitecopy1:0.16.6-16, 0, *
Ubuntu:18.04:LTSvnc4*, 0
Ubuntu:18.04:LTSxmlrpc-c1.33.14-8, 0, 1.33.14-8build1
Ubuntu:25.10paraview0, 5.13.2+dfsg-2ubuntu2, 5.13.2+dfsg-3
Ubuntu:Pro:16.04:LTSvnc44.1.1+xorg4.3.0-37.3ubuntu2.1+esm1, 4.1.1+xorg4.3.0-37.3ubuntu2, 0
Ubuntu:14.04:LTSexpat2.1.0-4ubuntu1.1, 2.1.0-4, 2.1.0-4ubuntu1
Ubuntu:25.10xmlrpc-c0, 1.59.03-7, 1.59.03-10
Ubuntu:20.04:LTSxmlrpc-c0, 1.33.14-8build1, 1.33.14-8build2
Ubuntu:Pro:14.04:LTSvnc40, *, *
Ubuntu:16.04:LTSinsighttoolkit3.20.1+git20120521-6build1, 0, 3.20.1+git20120521-6
Ubuntu:16.04:LTSxmlrpc-c1.33.14-1ubuntu1, 0, 1.33.14-0.2ubuntu3
Ubuntu:22.04:LTSxmlrpc-c1.33.14-9, 1.33.14-10, 0
Ubuntu:24.04:LTSxmlrpc-c1.33.14-12build2, 1.33.14-12build1, 0
Ubuntu:16.04:LTSexpat2.1.0-7, 2.1.0-7ubuntu0.16.04.1, 0

Timeline

  • Dec 31, 2012 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 16, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›