Lucene search

K
prionPRIOn knowledge basePRION:CVE-2012-3445
HistoryAug 07, 2012 - 9:55 p.m.

Out-of-bounds

2012-08-0721:55:00
PRIOn knowledge base
www.prio-n.com
5

6.8 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.2%

The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer.

CPENameOperatorVersion
libvirteq0.9.13

6.8 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.2%