Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-6089
cwe-119
nvd
cve-2012-6089
buffer overflow
swi-prolog
denial of service
arbitrary code execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
High
0.027 Low
EPSS
Percentile
90.6%
Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.
Affected configurations
Node
swi-prologswi-prologRange≤6.2.4
ORswi-prologswi-prologMatch5.6.50
ORswi-prologswi-prologMatch5.6.51
ORswi-prologswi-prologMatch5.6.52
ORswi-prologswi-prologMatch5.6.53
ORswi-prologswi-prologMatch5.6.54
ORswi-prologswi-prologMatch5.6.55
ORswi-prologswi-prologMatch5.6.56
ORswi-prologswi-prologMatch5.6.57
ORswi-prologswi-prologMatch5.6.58
ORswi-prologswi-prologMatch5.6.59
ORswi-prologswi-prologMatch5.6.61
ORswi-prologswi-prologMatch5.6.62
ORswi-prologswi-prologMatch5.6.63
ORswi-prologswi-prologMatch5.6.64
ORswi-prologswi-prologMatch5.8.0
ORswi-prologswi-prologMatch5.8.1
ORswi-prologswi-prologMatch5.8.2
ORswi-prologswi-prologMatch5.8.3
ORswi-prologswi-prologMatch5.10.0
ORswi-prologswi-prologMatch5.10.1
ORswi-prologswi-prologMatch5.10.2
ORswi-prologswi-prologMatch5.10.3
ORswi-prologswi-prologMatch5.10.4
ORswi-prologswi-prologMatch5.10.5
ORswi-prologswi-prologMatch6.0.0
ORswi-prologswi-prologMatch6.0.1
ORswi-prologswi-prologMatch6.0.2
ORswi-prologswi-prologMatch6.2.0
ORswi-prologswi-prologMatch6.2.1
ORswi-prologswi-prologMatch6.2.2
ORswi-prologswi-prologMatch6.2.3
Node
swi-prologswi-prologMatch6.3.0
ORswi-prologswi-prologMatch6.3.1
ORswi-prologswi-prologMatch6.3.2
ORswi-prologswi-prologMatch6.3.3
ORswi-prologswi-prologMatch6.3.4
ORswi-prologswi-prologMatch6.3.5
ORswi-prologswi-prologMatch6.3.6
Related
ubuntucve
ubuntucve
CVE-2012-6089
2013-01-04 00:00:00
nvd
nvd
CVE-2012-6089
2013-01-04 11:52:15
debiancve
debiancve
CVE-2012-6089
2022-10-03 16:15:28
prion
prion
Stack overflow
2013-01-04 11:52:00
cvelist
cvelist
CVE-2012-6089
2022-10-03 16:15:28
gentoo
gentoo
SWI-Prolog : Multiple vulnerabilities
2013-12-06 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: pl-6.0.2-4.fc17
2013-01-15 02:36:12
[SECURITY] Fedora 16 Update: pl-5.10.2-9.fc16
2013-01-15 02:24:05
[SECURITY] Fedora 18 Update: pl-6.0.2-5.fc18
2013-01-15 02:37:44
openvas
openvas
Fedora Update for pl FEDORA-2013-0225
2013-01-15 00:00:00
Fedora Update for pl FEDORA-2013-0225
2013-01-15 00:00:00
Fedora Update for pl FEDORA-2013-0178
2013-01-21 00:00:00
nessus
nessus
Fedora 18 : pl-6.0.2-5.fc18 (2013-0178)
2013-01-15 00:00:00
Fedora 16 : pl-5.10.2-9.fc16 (2013-0225)
2013-01-15 00:00:00
Fedora 17 : pl-6.0.2-4.fc17 (2013-0211)
2013-01-15 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
High
0.027 Low
EPSS
Percentile
90.6%
Related for CVE-2012-6089