The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-11-03T22:00:00
Updated: 2014-11-03T21:57:00
Reserved: 2012-10-24T00:00:00
Link: CVE-2012-5508
JSON object: View
NVD Information
Status : Modified
Published: 2014-11-03T22:55:05.883
Modified: 2023-11-07T02:12:33.197
Link: CVE-2012-5508
JSON object: View
Redhat Information
No data.
CWE