CVE-2012-4929

Debian Linux - Information Disclosure via TLS Compression Length Oracle

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-4929. PoCs published by mpgn, anthophilee.

AI-analyzed exploit summary This repository contains a proof-of-concept implementation of the CRIME attack (CVE-2012-4929), demonstrating how compression oracle attacks can be used to decrypt encrypted data by exploiting differences in compressed data lengths. The PoC includes implementations for both AES-CBC and RC4 cipher modes.

Description

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.

Exploits (2)

nomisec WORKING POC 30 stars
by mpgn · poc
https://github.com/mpgn/CRIME-poc

This repository contains a proof-of-concept implementation of the CRIME attack (CVE-2012-4929), demonstrating how compression oracle attacks can be used to decrypt encrypted data by exploiting differences in compressed data lengths. The PoC includes implementations for both AES-CBC and RC4 cipher modes.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: TLS/SSL implementations using compression (e.g., HTTPS, SPDY)
No auth needed
Prerequisites: Ability to intercept and modify encrypted traffic · Target must use compression before encryption
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec SCANNER 5 stars
by anthophilee · poc
https://github.com/anthophilee/A2SV--SSL-VUL-Scan

This repository contains a Python-based scanner tool (A2SV) designed to detect multiple SSL/TLS vulnerabilities, including CVE-2015-0204 (FREAK Attack). It automates the scanning process for various CVEs by leveraging Python scripts and dependencies.

Classification
Scanner 90%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: SSL/TLS implementations (various versions)
No auth needed
Prerequisites: Python 2.x · pip2 · git · network access to target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (34)

Core 34
Core References
Various Sources x_refsource_misc
https://gist.github.com/3696912
Various Sources x_refsource_confirm
https://chromiumcodereview.appspot.com/10825183
Various Sources x_refsource_misc
https://github.com/mpgn/CRIME-poc
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=136612293908376&w=2
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0587.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2579
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1898-1
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3253
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html
Various Sources x_refsource_misc
http://news.ycombinator.com/item?id=4510829
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5784
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1627-1
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2013/dsa-2627
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/55704
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1628-1
Various Sources x_refsource_misc
http://www.ekoparty.org/2012/thai-duong.php
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN65273415/index.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=857051

Scores

EPSS 0.0427
EPSS Percentile 89.8%

Details

CWE
CWE-310
Status published
Products (4)
debian/debian_linux 7.0
debian/debian_linux 8.0
google/chrome
mozilla/firefox
Published Sep 15, 2012
Tracked Since Feb 18, 2026