Lucene search

PRIOn knowledge basePRION:CVE-2012-6656

HistoryDec 05, 2014 - 4:59 p.m.

Out-of-bounds

2014-12-0516:59:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.6%

JSON

iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of “0xffff” to the iconv function when converting IBM930 encoded data to UTF-8.

CPENameOperatorVersion
ubuntu_linuxeq12.04
ubuntu_linuxeq14.10
ubuntu_linuxeq14.04
ubuntu_linuxeq10.04
debian_linuxeq7.0
glibcle2.16

Name	Operator	Version
ubuntu_linux	eq	12.04
ubuntu_linux	eq	14.10
ubuntu_linux	eq	14.04
ubuntu_linux	eq	10.04
debian_linux	eq	7.0
glibc	le	2.16

References

www.debian.org/security/2015/dsa-3142

www.mandriva.com/security/advisories?name=MDVSA-2014:175

www.openwall.com/lists/oss-security/2014/08/29/3

www.openwall.com/lists/oss-security/2014/09/02/1

www.securityfocus.com/bid/69472

www.ubuntu.com/usn/USN-2432-1

security.gentoo.org/glsa/201503-04

sourceware.org/bugzilla/show_bug.cgi?id=14134

sourceware.org/git/?p=glibc.git;a=commit;h=6e230d11837f3ae7b375ea69d7905f0d18eb79e5

6.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.6%

JSON

Related for PRION:CVE-2012-6656