Lucene search
Ubuntu.comUB:CVE-2012-2118HistoryMay 18, 2012 - 12:00 a.m.
CVE-2012-2118
2012-05-1800:00:00
ubuntu.com
ubuntu.com
8
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.6%
Format string vulnerability in the LogVHdrMessageVerb function in os/log.c
in X.Org X11 1.11 allows attackers to cause a denial of service or possibly
execute arbitrary code via format string specifiers in an input device
name.
Bugs
- <https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/996250>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673148>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2118>
Notes
| Author | Note |
|---|---|
| jdstrand | Reducing priority because we build with -D_FORTIFY_SOURCE=2 and as of USN-1396-1, Ubuntu’s glibc is patched to fix (CVE-2012-0864), so this is reduced to a denial of service. per upstream, only 1.10 and higher are affected: http://lists.x.org/pipermail/xorg-devel/2012-May/031411.html |
| sbeattie | with experimentation, was not able to cause the 1.10 server to crash in natty and oneiric, marking those not-affected |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | xorg-server | < 2:1.11.4-0ubuntu10.5 | UNKNOWN |
Related
nessus
nessus
Mandriva Linux Security Advisory : x11-server (MDVSA-2013:139)
2013-04-20 00:00:00
Ubuntu 12.04 LTS : xorg-server vulnerability (USN-1502-1)
2012-07-12 00:00:00
CentOS 5 : glibc (CESA-2012:0397)
2012-03-21 00:00:00
openvas
openvas
Ubuntu Update for xorg-server USN-1502-1
2012-07-16 00:00:00
Gentoo Security Advisory GLSA 201207-04 (xorg-server)
2012-08-10 00:00:00
Ubuntu: Security Advisory (USN-1502-1)
2012-07-16 00:00:00
debiancve
debiancve
CVE-2012-2118
2012-05-18 22:55:00
cve
cve
CVE-2012-2118
2012-05-18 22:55:00
CVE-2012-0864
2013-05-02 14:55:00
gentoo
gentoo
X.Org X Server: Privilege escalation
2012-07-09 00:00:00
GNU C Library: Multiple vulnerabilities
2013-12-03 00:00:00
ubuntu
ubuntu
X.Org X Server vulnerability
2012-07-11 00:00:00
GNU C Library vulnerabilities
2012-03-09 00:00:00
redhat
redhat
(RHSA-2012:0397) Moderate: glibc security update
2012-03-19 00:00:00
(RHSA-2012:0393) Moderate: glibc security and bug fix update
2012-03-15 00:00:00
(RHSA-2012:0488) Important: rhev-hypervisor5 security and bug fix update
2012-04-17 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: glibc-2.14.1-6
2012-03-08 03:55:46
[SECURITY] Fedora 15 Update: glibc-2.14.1-6
2012-03-08 05:00:09
[SECURITY] Fedora 16 Update: glibc-2.14.90-24.fc16.6
2012-02-25 08:36:01
centos
centos
glibc, nscd security update
2012-03-20 02:12:41
glibc, nscd security update
2012-03-15 22:58:20
prion
prion
Format string
2012-05-18 22:55:00
Integer overflow
2013-05-02 14:55:00
oraclelinux
oraclelinux
glibc security and bug fix update
2012-03-15 00:00:00
glibc security update
2012-03-19 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:11:22
ubuntucve
ubuntucve
CVE-2012-0864
2012-02-23 00:00:00
amazon
amazon
Medium: glibc
2012-03-23 14:15:00
zdt
zdt
Sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit
2013-05-01 00:00:00
seebug
seebug
sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass
2014-07-01 00:00:00
exploitpack
exploitpack
exploitdb
exploitdb
securityvulns
securityvulns
glibc multiple security vulnerabilities
2012-03-10 00:00:00
[USN-1396-1] GNU C Library vulnerabilities
2012-03-10 00:00:00
VMSA-2012-0018 VMware security updates for vCSA and ESXi
2013-01-02 00:00:00
vmware
vmware
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.6%
Related for UB:CVE-2012-2118