[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-0065Date: (C)2012-10-06   (M)2023-12-22


Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.6
Exploit Score: 3.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECUNIA-47545
BID-51573
MDVSA-2012:133
MDVSA-2013:133
http://openwall.com/lists/oss-security/2012/01/19/25
http://openwall.com/lists/oss-security/2012/01/19/26
http://git.marcansoft.com/?p=usbmuxd.git%3Ba=commitdiff%3Bh=f794991993af56a74795891b4ff9da506bc893e6
https://bugs.gentoo.org/show_bug.cgi?id=399409
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0228
usbmuxd-libusbmuxd-bo(72546)

CWE    1
CWE-119
OVAL    3
oval:org.secpod.oval:def:302950
oval:org.secpod.oval:def:103349
oval:org.secpod.oval:def:103366

© SecPod Technologies