[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2012-0065

Date: (C)2012-10-06   (M)2017-08-29
 
CVSS Score: 4.6Access Vector: LOCAL
Exploitability Subscore: 3.9Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list.

Reference:
SECUNIA-47545
BID-51573
MDVSA-2012:133
MDVSA-2013:133
http://openwall.com/lists/oss-security/2012/01/19/25
http://openwall.com/lists/oss-security/2012/01/19/25
http://openwall.com/lists/oss-security/2012/01/19/26
http://openwall.com/lists/oss-security/2012/01/19/26
http://git.marcansoft.com/?p=usbmuxd.git;a=commitdiff;h=f794991993af56a74795891b4ff9da506bc893e6
https://bugs.gentoo.org/show_bug.cgi?id=399409
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0228
usbmuxd-libusbmuxd-bo(72546)

CPE    3
cpe:/a:nikias_bassen:usbmuxd:1.0.7
cpe:/a:nikias_bassen:usbmuxd:1.0.5
cpe:/a:nikias_bassen:usbmuxd:1.0.6
CWE    1
CWE-119
OVAL    3
oval:org.secpod.oval:def:302950
oval:org.secpod.oval:def:103349
oval:org.secpod.oval:def:103366

© 2013 SecPod Technologies