Lucene search

PRIOn knowledge basePRION:CVE-2012-0804

HistoryMay 29, 2012 - 8:55 p.m.

Heap overflow

2012-05-2920:55:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.5%

JSON

Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.

CPENameOperatorVersion
cvseq1.11
cvseq1.12

CPE	Name	Operator	Version
	cvs	eq	1.11
	cvs	eq	1.12

References

lists.opensuse.org/opensuse-updates/2012-02/msg00064.html

rhn.redhat.com/errata/RHSA-2012-0321.html

secunia.com/advisories/47869

secunia.com/advisories/48063

secunia.com/advisories/48142

secunia.com/advisories/48150

ubuntu.com/usn/usn-1371-1

www.debian.org/security/2012/dsa-2407

www.mandriva.com/security/advisories?name=MDVSA-2012:044

www.osvdb.org/78987

www.securityfocus.com/bid/51943

www.securitytracker.com/id?1026719

bugzilla.redhat.com/show_bug.cgi?id=784141

exchange.xforce.ibmcloud.com/vulnerabilities/73097

security.gentoo.org/glsa/201701-44

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.5%

JSON

Related for PRION:CVE-2012-0804