KB Article #179733
Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2012
List of possible security vulnerabilities reported against SecureTransport and corresponding analysis based on Axway's research.
NOTE: This KB lists only the vulnerabilities, tagged with the year 2012. For CVEs from other years, refer to the following articles:
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2018
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2017
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2016
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2015
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2014
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2013
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2011
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2010
⇒ Security Vulnerabilities (CVE) reported against SecureTransport tagged with the year 2009 and earlier
Additional lists of security vulnerabilities reported against SecureTransport application without formal CVE/CWE identifiers or against ST appliance platforms can be found at :
- Security vulnerabilities reported against SecureTransport, without formal CVE or CWE identifier
- Security vulnerabilities reported against ST appliances
| CVE Reference | CVSS v2 Base Score | Attack Vector | Version Reported | Version Fixed | KB Article |
| CVE-2012-4431 | 4.3 | Network | 5.2.1 SP4 | 5.2.1 SP5 | - |
| Added: N/A | Last modified: N/A | ||||
|
Fixed with update of third party Tomcat module to version 7.0.57 in ST 5.2.1 SP5. |
|||||
| CVE-2012-5568 | 5.0 | Network | 4.9.2 SP2 5.1 SP2 |
N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not considered a bug by the Apache Organization and it can be mitigated at network level. |
|||||
| CVE-2012-4991 | 8.5 | Network | 5.1 SP2 4.9.2 SP2 |
5.1 SP2 P4 4.9.2 SP2 P59 |
- |
| Added: N/A | Last modified: N/A | ||||
|
SecureTransport 5.1 SP2 Patch 4 (or SecureTransport 5.1 SP3) for Windows Server 2008 R2 was released to correct this issue.
SecureTransport 4.9.2 SP2 Patch 59 for Windows Server 2008 R2 was released to correct this issue. |
|||||
| CVE-2012-3197 | 3.5 | Network | 5.1.x | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST 5.1. |
|||||
| CVE-2012-3180 | 4.0 | Network | 5.1.x | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST 5.1. |
|||||
| CVE-2012-3177 | 6.8 | Network | 4.x 5.0.x 5.1.x 5.2.x |
N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
Despite there are MySQL 5.0.x versions affected, version 5.0.72 is not listed as affected based on the information provided by NVD. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3173 | 4.0 | Network | 5.1.x and 5.2.x | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3167 | 3.5 | Network | 5.1.x 5.2.x |
N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3166 | 4.0 | Network | 3.x, 4.x 5.0.x, 5.1.x 5.2.x |
N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
Despite there are MySQL 5.0.x versions affected, version 5.0.72 is not listed as affected based on the information provided by NVD. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3163 | 9.0 | Network | 5.1.x 5.2.x |
N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
The Base Score is 9.0 only for Windows. For Linux, Unix and other platforms, the Base Score is 6.5. MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3160 | 2.1 | Local | 5.0.x 5.1.x 5.2.x |
N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
Despite there are MySQL 5.0.x versions affected, version 5.0.72 is not listed as affected based on the information provided by NVD. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3158 | 7.5 | Network | 5.1.x 5.2.x |
N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3156 | 3.5 | Network | 5.2.x | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3150 | 4.0 | Network | 5.1.x | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3149 | 3.5 | Network | 5.1.x | N/A | KBARTICLELINK |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3147 | 6.4 | Network | 5.1.x | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-3144 | 4.0 | Network | 5.1.x | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
MySQL 5.0.72 is not listed in the affected versions list. The issue is considered not applicable for ST. |
|||||
| CVE-2012-1703 | 6.8 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-1697 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-1696 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-1690 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-1688 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0583 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database and MyISAM is used only with the |
|||||
| CVE-2012-0496 | 4.3 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0495 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0493 | 2.1 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0492 | 2.1 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0491 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0490 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0489 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0488 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0487 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0486 | 5.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0485 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0484 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0120 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0119 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0118 | 4.9 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0117 | 3.5 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0116 | 4.9 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0115 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0113 | 5.5 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0112 | 3.5 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0102 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0101 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0087 | 4.0 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0075 | 1.7 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as remote users should not have access to the database. |
|||||
| CVE-2012-0053 | 4.3 | Network | 5.1 | N/A | KB156106 |
| Added: N/A | Last modified: N/A | ||||
|
Covered by KB156106. |
|||||
| CVE-2012-0031 | 4.6 | Local | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST as it can be caused only by user with access to the server memory. |
|||||
| CVE-2012-0021 | 2.6 | Network | 5.1 | N/A | - |
| Added: N/A | Last modified: N/A | ||||
|
This is not applicable for ST. |
|||||