Lucene search

K

[email protected]CVE-2012-0065

HistoryOct 06, 2012 - 9:55 p.m.

CVE-2012-0065

2012-10-0621:55:00

CWE-119

[email protected]

web.nvd.nist.gov

25

cve-2012-0065

nvd

libusbmuxd

buffer overflow

arbitrary code

security vulnerability

7.4 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

42.5%

Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list.

CPENameOperatorVersion
nikias_bassen:usbmuxdnikias bassen usbmuxdeq1.0.6
nikias_bassen:usbmuxdnikias bassen usbmuxdeq1.0.5
nikias_bassen:usbmuxdnikias bassen usbmuxdeq1.0.7

References

git.marcansoft.com/?p=usbmuxd.git%3Ba=commitdiff%3Bh=f794991993af56a74795891b4ff9da506bc893e6

openwall.com/lists/oss-security/2012/01/19/25

openwall.com/lists/oss-security/2012/01/19/26

secunia.com/advisories/47545

www.mandriva.com/security/advisories?name=MDVSA-2012:133

www.mandriva.com/security/advisories?name=MDVSA-2013:133

www.securityfocus.com/bid/51573

bugs.gentoo.org/show_bug.cgi?id=399409

exchange.xforce.ibmcloud.com/vulnerabilities/72546

wiki.mageia.org/en/Support/Advisories/MGASA-2012-0228

7.4 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

42.5%

Related for CVE-2012-0065

nessus9 fedora2 openvas10 ubuntu1 ubuntucve1 securityvulns2 cvelist1 prion1 gentoo1 debiancve1