Lucene search
UbuntuUSN-2056-1HistoryDec 16, 2013 - 12:00 a.m.
DjVuLibre vulnerability
2013-12-1600:00:00
ubuntu.com
40
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.068
Percentile
94.0%
Releases
- Ubuntu 12.04
Packages
- djvulibre - DjVu image format library and tools
Details
It was discovered that DjVuLibre incorrectly handled certain memory
operations. If a user or automated system were tricked into processing a
specially crafted DjVu file, applications could be made to crash, resulting
in a denial of service, or possibly execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | libdjvulibre21 | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | djview | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | djview3 | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | djvulibre-bin | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | djvulibre-dbg | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | djvulibre-desktop | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | djvuserve | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libdjvulibre-dev | < 3.5.24-9ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libdjvulibre-text | < 3.5.24-9ubuntu0.1 | UNKNOWN |
References
Related
gentoo
gentoo
DjVu: User-assisted execution of arbitrary code
2014-02-09 00:00:00
openvas
openvas
Debian Security Advisory DSA 2844-1 (djvulibre - arbitrary code execution)
2014-01-15 00:00:00
Ubuntu Update for djvulibre USN-2056-1
2013-12-17 00:00:00
Debian: Security Advisory (DSA-2844-1)
2014-01-14 00:00:00
debiancve
debiancve
CVE-2012-6535
2013-12-02 22:55:03
prion
prion
Memory corruption
2013-12-02 22:55:00
msvr
msvr
Vulnerability in DjVuLibre Could Allow Remote Code Execution
2013-03-19 00:00:00
debian
debian
[SECURITY] [DSA 2844-1] djvulibre security update
2014-01-15 06:55:18
nessus
nessus
GLSA-201402-13 : DjVu: User-assisted execution of arbitrary code
2014-02-10 00:00:00
Ubuntu 12.04 LTS : djvulibre vulnerability (USN-2056-1)
2013-12-17 00:00:00
Debian DSA-2844-1 : djvulibre - arbitrary code execution
2014-01-16 00:00:00
ubuntucve
ubuntucve
CVE-2012-6535
2013-12-02 00:00:00
securityvulns
securityvulns
djvulibre code execution
2014-01-08 00:00:00
[USN-2056-1] DjVuLibre vulnerability
2014-01-08 00:00:00
cvelist
cvelist
CVE-2012-6535
2013-12-02 22:00:00
nvd
nvd
CVE-2012-6535
2013-12-02 22:55:03
cve
cve
CVE-2012-6535
2013-12-02 22:55:03
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.068
Percentile
94.0%
Related for USN-2056-1