Lucene search

[email protected]CVE-2012-1176

HistoryAug 26, 2012 - 8:55 p.m.

CVE-2012-1176

2012-08-2620:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-1176

buffer overflow

pyfribidi

denial of service

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

Low

0.097 Low

EPSS

Percentile

94.9%

JSON

Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi before 0.11.0 allows remote attackers to cause a denial of service (application crash) via a 4-byte utf-8 sequence.

Affected configurations

NVD

Node

fribidipyfribidiRange≤0.10.9

CPENameOperatorVersion
fribidi:pyfribidifribidi pyfribidile0.10.9

CPE	Name	Operator	Version
fribidi:pyfribidi	fribidi pyfribidi	le	0.10.9

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=663189

groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/aacd036037217998/8d095f85f3665bff?lnk=raot

lists.fedoraproject.org/pipermail/package-announce/2012-March/075293.html

lists.fedoraproject.org/pipermail/package-announce/2012-March/076038.html

lists.fedoraproject.org/pipermail/package-announce/2012-March/076053.html

www.openwall.com/lists/oss-security/2012/03/14/4

www.openwall.com/lists/oss-security/2012/03/14/9

www.securityfocus.com/bid/52451

bugzilla.redhat.com/show_bug.cgi?id=801896

bugzilla.wikimedia.org/show_bug.cgi?id=35055

exchange.xforce.ibmcloud.com/vulnerabilities/74001

github.com/pediapress/pyfribidi/commit/d2860c655357975e7b32d84e6b45e98f0dcecd7a

github.com/pediapress/pyfribidi/issues/2%29:

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

Low

0.097 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2012-1176

openvas6 ubuntucve1 cvelist1 github1 nessus3 osv1 debiancve1 prion1 nvd1