ID de CVE:	CVE-2012-4929
Descripción:	The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
Prueba de IDs:	1.3.6.1.4.1.25623.1.0.72626   1.3.6.1.4.1.25623.1.0.892627   1.3.6.1.4.1.25623.1.0.841494   1.3.6.1.4.1.25623.1.0.123684   1.3.6.1.4.1.25623.1.0.841211   1.3.6.1.4.1.25623.1.0.702627   1.3.6.1.4.1.25623.1.1.4.2012.1428.1
Referencias Cruzadas:	Common Vulnerability Exposure (CVE) ID: CVE-2012-4929 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html BugTraq ID: 55704 http://www.securityfocus.com/bid/55704 Debian Security Information: DSA-2579 (Google Search) http://www.debian.org/security/2012/dsa-2579 Debian Security Information: DSA-2627 (Google Search) http://www.debian.org/security/2013/dsa-2627 Debian Security Information: DSA-3253 (Google Search) http://www.debian.org/security/2015/dsa-3253 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html HPdes Security Advisory: HPSBUX02866 http://marc.info/?l=bugtraq&m=136612293908376&w=2 HPdes Security Advisory: SSRT101139 http://marc.info/?l=bugtraq&m=136612293908376&w=2 http://jvn.jp/en/jp/JVN65273415/index.html http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/ http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html http://news.ycombinator.com/item?id=4510829 http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312 http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512 http://www.ekoparty.org/2012/thai-duong.php http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091 http://www.theregister.co.uk/2012/09/14/crime_tls_attack/ https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls https://gist.github.com/3696912 https://github.com/mpgn/CRIME-poc https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920 RedHat Security Advisories: RHSA-2013:0587 http://rhn.redhat.com/errata/RHSA-2013-0587.html SuSE Security Announcement: openSUSE-SU-2012:1420 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html SuSE Security Announcement: openSUSE-SU-2013:0143 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html SuSE Security Announcement: openSUSE-SU-2013:0157 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html http://www.ubuntu.com/usn/USN-1627-1 http://www.ubuntu.com/usn/USN-1628-1 http://www.ubuntu.com/usn/USN-1898-1