Lucene search

K

[email protected]NVD:CVE-2012-6656

HistoryDec 05, 2014 - 4:59 p.m.

CVE-2012-6656

2014-12-0516:59:00

CWE-20

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.0%

iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of “0xffff” to the iconv function when converting IBM930 encoded data to UTF-8.

Affected configurations

NVD

Node

debiandebian_linuxMatch7.0

Node

canonicalubuntu_linuxMatch10.04lts

OR

canonicalubuntu_linuxMatch12.04lts

OR

canonicalubuntu_linuxMatch14.04lts

OR

canonicalubuntu_linuxMatch14.10

Node

gnuglibcRange≤2.16

References

www.debian.org/security/2015/dsa-3142

www.mandriva.com/security/advisories?name=MDVSA-2014:175

www.openwall.com/lists/oss-security/2014/08/29/3

www.openwall.com/lists/oss-security/2014/09/02/1

www.securityfocus.com/bid/69472

www.ubuntu.com/usn/USN-2432-1

security.gentoo.org/glsa/201503-04

sourceware.org/bugzilla/show_bug.cgi?id=14134

sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.0%

Related for NVD:CVE-2012-6656

nessus12 f52 debiancve1 prion1 cve1 ubuntucve1 cvelist1 securityvulns1 openvas11 debian2 ubuntu1 osv2 suse2 altlinux1 gentoo1