Hand-Picked Top-Read Stories

g5-cyber-security-post-cover-dark-blue-v1 - Blog - G5 Cyber Security

CVE-2012-5055 – DaoAuthenticationProvider in VMware SpringSource Spring Security before 2

March 6, 2022

DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote attackers to enumerate valid usernames via a series of login requests.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5055

Reference (s):

http://support.springsource.com/security/CVE-2012-5055

CVEs

CVE-2012-5054 – Integer overflow in the copyRawDataTo method in the Matrix3D class in Ado

March 6, 2022

CVEs

CVE-2012-5075 – Unspecified vulnerability in the Java Runtime Environment (JRE) component

March 6, 2022

Hand-Picked Top-Read Stories

Andrew Wheatley | The artificial intelligence and data protection conundrum

Delroy McLean | Dealing with cybersecurity

Historic Cyber workshop for the Caribbean

Trending Tags

CVE-2012-5055 – DaoAuthenticationProvider in VMware SpringSource Spring Security before 2

Previous Post

CVE-2012-5054 – Integer overflow in the copyRawDataTo method in the Matrix3D class in Ado

Next Post

CVE-2012-5075 – Unspecified vulnerability in the Java Runtime Environment (JRE) component

CVE-2012-5055 – DaoAuthenticationProvider in VMware SpringSource Spring Security before 2

Previous Post

Next Post

Related Posts