Skip to main content
Support

KB Article #179733

Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2012

List of possible security vulnerabilities reported against SecureTransport and corresponding analysis based on Axway's research.


NOTE: This KB lists only the vulnerabilities, tagged with the year 2012. For CVEs from other years, refer to the following articles:
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2018
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2017
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2016
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2015
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2014
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2013
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2011
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2010
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2009 and earlier


Additional lists of security vulnerabilities reported against SecureTransport application without formal CVE/CWE identifiers or against ST appliance platforms can be found at :



CVE Reference CVSS v2 Base Score Attack Vector Version Reported Version Fixed KB Article
CVE-2012-4431 4.3 Network 5.2.1 SP4 5.2.1 SP5 -
Added: N/A Last modified: N/A

Fixed with update of third party Tomcat module to version 7.0.57 in ST 5.2.1 SP5.

CVE-2012-5568 5.0 Network 4.9.2 SP2
5.1 SP2
N/A -
Added: N/A Last modified: N/A

This is not considered a bug by the Apache Organization and it can be mitigated at network level.

CVE-2012-4991 8.5 Network 5.1 SP2
4.9.2 SP2
5.1 SP2 P4
4.9.2 SP2 P59
-
Added: N/A Last modified: N/A

SecureTransport 5.1 SP2 Patch 4 (or SecureTransport 5.1 SP3) for Windows Server 2008 R2 was released to correct this issue.


SecureTransport 4.9.2 SP2 Patch 59 for Windows Server 2008 R2 was released to correct this issue.

CVE-2012-3197 3.5 Network 5.1.x N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST 5.1.

CVE-2012-3180 4.0 Network 5.1.x N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST 5.1.

CVE-2012-3177 6.8 Network 4.x
5.0.x
5.1.x
5.2.x
N/A -
Added: N/A Last modified: N/A

Despite there are MySQL 5.0.x versions affected, version 5.0.72 is not listed as affected based on the information provided by NVD. The issue is considered not applicable for ST.

CVE-2012-3173 4.0 Network 5.1.x and 5.2.x N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3167 3.5 Network 5.1.x
5.2.x
N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3166 4.0 Network 3.x, 4.x
5.0.x, 5.1.x
5.2.x
N/A -
Added: N/A Last modified: N/A

Despite there are MySQL 5.0.x versions affected, version 5.0.72 is not listed as affected based on the information provided by NVD. The issue is considered not applicable for ST.

CVE-2012-3163 9.0 Network 5.1.x
5.2.x
N/A -
Added: N/A Last modified: N/A

The Base Score is 9.0 only for Windows. For Linux, Unix and other platforms, the Base Score is 6.5. MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3160 2.1 Local 5.0.x
5.1.x
5.2.x
N/A -
Added: N/A Last modified: N/A

Despite there are MySQL 5.0.x versions affected, version 5.0.72 is not listed as affected based on the information provided by NVD. The issue is considered not applicable for ST.

CVE-2012-3158 7.5 Network 5.1.x
5.2.x
N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3156 3.5 Network 5.2.x N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3150 4.0 Network 5.1.x N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3149 3.5 Network 5.1.x N/A KBARTICLELINK
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3147 6.4 Network 5.1.x N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-3144 4.0 Network 5.1.x N/A -
Added: N/A Last modified: N/A

MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST.

CVE-2012-1703 6.8 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-1697 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-1696 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-1690 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-1688 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0583 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database and MyISAM is used only with the st_version table.

CVE-2012-0496 4.3 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0495 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0493 2.1 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0492 2.1 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0491 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0490 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0489 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0488 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0487 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0486 5.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0485 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0484 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0120 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0119 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0118 4.9 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0117 3.5 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0116 4.9 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0115 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0113 5.5 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0112 3.5 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0102 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0101 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0087 4.0 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0075 1.7 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as remote users should not have access to the database.

CVE-2012-0053 4.3 Network 5.1 N/A KB156106
Added: N/A Last modified: N/A

Covered by KB156106.

CVE-2012-0031 4.6 Local 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST as it can be caused only by user with access to the server memory.

CVE-2012-0021 2.6 Network 5.1 N/A -
Added: N/A Last modified: N/A

This is not applicable for ST.