Lucene search

K
cve[email protected]CVE-2012-3368
HistoryJul 03, 2012 - 9:55 p.m.

CVE-2012-3368

2012-07-0321:55:01
CWE-189
web.nvd.nist.gov
19
cve-2012-3368
integer signedness error
attach.c
dtach 0.8
remote attackers
sensitive information
daemon stack memory
irc client

6.1 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.5%

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

Affected configurations

NVD
Node
redhatdtachMatch0.8
CPENameOperatorVersion
redhat:dtachredhat dtacheq0.8

6.1 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.5%