Published: 05/12/2019 Updated: 17/12/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apereo phpcas 1.2.2
fedoraproject fedora 15
fedoraproject fedora 16
debian debian linux 8.0

Debian Bug report logs - #662944 CVE-2012-1104 CVE-2012-1105 Package: glpi; Maintainer for glpi is Pierre Chifflier <pollux@debianorg>; Source for glpi is src:glpi (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Wed, 7 Mar 2012 13:33:02 UTC Severity: important Tags: security ...

CWE-200 http://www.openwall.com/lists/oss-security/2012/03/05/7 https://gitlab.vsb.cz/kal0178/sixmon/blob/b18bcde090dc38fc968a0b1e38d1dab08b8c369e/web/lib/CAS/CAS-1.3.5/docs/ChangeLog https://www.securityfocus.com/bid/52280 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1105 https://security-tracker.debian.org/tracker/CVE-2012-1105 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662944 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1105

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect