CVE-2012-1573

2012-03-2600:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.956 High

EPSS

Percentile

99.4%

JSON

gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15
does not properly handle data encrypted with a block cipher, which allows
remote attackers to cause a denial of service (heap memory corruption and
application crash) via a crafted record, as demonstrated by a crafted
GenericBlockCipher structure.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchgnutls13< 2.0.4-1ubuntu2.7UNKNOWN
ubuntu10.04noarchgnutls26< 2.8.5-2ubuntu0.1UNKNOWN
ubuntu10.10noarchgnutls26< 2.8.6-1ubuntu0.1UNKNOWN
ubuntu11.04noarchgnutls26< 2.8.6-1ubuntu2.1UNKNOWN
ubuntu11.10noarchgnutls26< 2.10.5-1ubuntu3.1UNKNOWN
ubuntu12.04noarchgnutls26< 2.12.14-5ubuntu3UNKNOWN
ubuntu12.10noarchgnutls26< 2.12.14-5ubuntu3UNKNOWN
ubuntu13.04noarchgnutls26< 2.12.14-5ubuntu3UNKNOWN
ubuntu13.10noarchgnutls26< 2.12.14-5ubuntu3UNKNOWN
ubuntu14.04noarchgnutls26< 2.12.14-5ubuntu3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	gnutls13	< 2.0.4-1ubuntu2.7	UNKNOWN
ubuntu	10.04	noarch	gnutls26	< 2.8.5-2ubuntu0.1	UNKNOWN
ubuntu	10.10	noarch	gnutls26	< 2.8.6-1ubuntu0.1	UNKNOWN
ubuntu	11.04	noarch	gnutls26	< 2.8.6-1ubuntu2.1	UNKNOWN
ubuntu	11.10	noarch	gnutls26	< 2.10.5-1ubuntu3.1	UNKNOWN
ubuntu	12.04	noarch	gnutls26	< 2.12.14-5ubuntu3	UNKNOWN
ubuntu	12.10	noarch	gnutls26	< 2.12.14-5ubuntu3	UNKNOWN
ubuntu	13.04	noarch	gnutls26	< 2.12.14-5ubuntu3	UNKNOWN
ubuntu	13.10	noarch	gnutls26	< 2.12.14-5ubuntu3	UNKNOWN
ubuntu	14.04	noarch	gnutls26	< 2.12.14-5ubuntu3	UNKNOWN