Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-3445
HistoryAug 07, 2012 - 12:00 a.m.

CVE-2012-3445

2012-08-0700:00:00
ubuntu.com
ubuntu.com
7

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.0%

JSON

The virTypedParameterArrayClear function in libvirt 0.9.13 does not
properly handle virDomain* API calls with typed parameters, which might
allow remote authenticated users to cause a denial of service (libvirtd
crash) via an RPC command with nparams set to zero, which triggers an
out-of-bounds read or a free of an invalid pointer.

Bugs

Notes

Author Note
mdeslaur precise and earlier don’t have virTypedParameterArrayClear, so no invalid free possible.

Related

debiancve 1
openvas 15
nessus 8
prion 1
oraclelinux 1
veracode 1
redhat 2
cve 1
centos 1
fedora 5
osv 16
debiancve
debiancve
CVE-2012-3445
2012-08-07 21:55:00
openvas
openvas
RedHat Update for libvirt RHSA-2012:1202-01
2012-08-24 00:00:00
RedHat Update for libvirt RHSA-2012:1202-01
2012-08-24 00:00:00
Oracle: Security Advisory (ELSA-2012-1202)
2015-10-06 00:00:00
nessus
nessus
Fedora 17 : libvirt-0.9.11.5-3.fc17 (2012-12523)
2012-09-05 00:00:00
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20120823)
2012-08-24 00:00:00
openSUSE Security Update : libvirt (openSUSE-SU-2012:0991-1)
2014-06-13 00:00:00
prion
prion
Out-of-bounds
2012-08-07 21:55:00
oraclelinux
oraclelinux
libvirt security and bug fix update
2012-08-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:56:15
redhat
redhat
(RHSA-2012:1202) Moderate: libvirt security and bug fix update
2012-08-23 00:00:00
(RHSA-2012:1325) Important: rhev-hypervisor6 security and bug fix update
2012-10-02 00:00:00
cve
cve
CVE-2012-3445
2012-08-07 21:55:00
centos
centos
libvirt security update
2012-08-24 01:09:18
fedora
fedora
[SECURITY] Fedora 17 Update: libvirt-0.9.11.5-3.fc17
2012-09-04 22:56:31
[SECURITY] Fedora 16 Update: libvirt-0.9.6.2-1.fc16
2012-08-22 21:11:41
[SECURITY] Fedora 17 Update: libvirt-0.9.11.6-1.fc17
2012-10-15 23:29:57
osv
osv
CVE-2022-0897
2022-03-25 19:15:10
CVE-2020-25637
2020-10-06 14:15:12
CVE-2020-12430
2020-04-28 20:15:12

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.0%

JSON
Related for UB:CVE-2012-3445
debiancve1openvas15nessus8prion1oraclelinux1veracode1redhat2cve1centos1fedora5osv16