Lucene search

[email protected]NVD:CVE-2012-4552

HistoryNov 18, 2012 - 11:55 p.m.

CVE-2012-4552

2012-11-1823:55:01

CWE-119

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.177 Low

EPSS

Percentile

96.2%

JSON

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.

Affected configurations

NVD

Node

steve_j_bakerplibMatch1.8.5

References

lists.fedoraproject.org/pipermail/package-announce/2012-November/091932.html

lists.fedoraproject.org/pipermail/package-announce/2012-November/091937.html

lists.fedoraproject.org/pipermail/package-announce/2012-November/091964.html

lists.opensuse.org/opensuse-security-announce/2012-11/msg00013.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00015.html

secunia.com/advisories/51340

www.openwall.com/lists/oss-security/2012/10/29/9

www.osvdb.org/87001

bugzilla.redhat.com/show_bug.cgi?id=871187

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.177 Low

EPSS

Percentile

96.2%

JSON

Related for NVD:CVE-2012-4552

cve1 nessus6 fedora3 openvas6 prion1 cvelist1 freebsd1 gentoo1 ubuntucve1 debiancve1 suse2