CVE-2012-0804

Executive Summary

Informations
Name	CVE-2012-0804	First vendor Publication	2012-05-29
Vendor	Cve	Last vendor Modification	2013-04-01

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804

CWE : Common Weakness Enumeration

id	Name
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

Type	Description	Count
Application	Cvs Cvs cpe:/a:cvs:cvs:1.12 cpe:/a:cvs:cvs:1.11	2

Internal Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/51943
DEBIAN	http://www.debian.org/security/2012/dsa-2407
MISC	https://bugzilla.redhat.com/show_bug.cgi?id=784141
OSVDB	http://www.osvdb.org/78987
REDHAT	http://rhn.redhat.com/errata/RHSA-2012-0321.html
SECTRACK	http://www.securitytracker.com/id?1026719
SECUNIA	http://secunia.com/advisories/47869 http://secunia.com/advisories/48063 http://secunia.com/advisories/48142 http://secunia.com/advisories/48150
SUSE	http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html
UBUNTU	http://ubuntu.com/usn/usn-1371-1
XF	http://xforce.iss.net/xforce/xfdb/73097

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 22:33:53	Multiple Updates
2013-04-03 13:19:17	Multiple Updates

Related	Severity
USN-1371-1	(Critical)
RHSA-2012:0321	(Critical)
MDVSA-2012:044	(Critical)
DSA-2407	(Critical)

Copyright Security-Database 2006-2013 - Powered by themself ;) in 0.0356s

Facebook rss twitter linkedin mail