CVE-2012-3466

Name of the Vulnerable Software and Affected Versions GNOME gnome-keyring versions 3.4.0 through 3.4.1

Description The issue is related to the caching of passphrases in GNOME gnome-keyring. When the gpg-cache-method is set to "idle" or "timeout", the software does not properly limit the amount of time a passphrase is cached. This could allow attackers to have an unspecified impact, although the exact attack vectors are not specified.

Recommendations For versions 3.4.0 through 3.4.1, consider changing the gpg-cache-method setting to a more secure option to mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.