VYPR
Unrated severityNVD Advisory· Published Jul 25, 2012· Updated Jun 16, 2026

CVE-2012-2760

CVE-2012-2760

Description

mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:findingscience:mod_auth_openid:0.1:*:*:*:*:apache:*:*+ 7 more
    • cpe:2.3:a:findingscience:mod_auth_openid:0.1:*:*:*:*:apache:*:*
    • cpe:2.3:a:findingscience:mod_auth_openid:0.2.1:*:*:*:*:apache:*:*
    • cpe:2.3:a:findingscience:mod_auth_openid:0.2:*:*:*:*:apache:*:*
    • cpe:2.3:a:findingscience:mod_auth_openid:0.3:*:*:*:*:apache:*:*
    • cpe:2.3:a:findingscience:mod_auth_openid:0.4:*:*:*:*:apache:*:*
    • cpe:2.3:a:findingscience:mod_auth_openid:0.5:*:*:*:*:apache:*:*
    • cpe:2.3:a:findingscience:mod_auth_openid:*:*:*:*:*:apache:*:*range: <=0.6
    • (no CPE)range: <0.7

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.