Lucene search
RedhatCVE-2012-5580HistoryOct 27, 2014 - 10:55 p.m.
CVE-2012-5580
2014-10-2722:55:09
CWE-94
redhat
web.nvd.nist.gov
21
cve
2012
5580
format string
vulnerability
libproxy
denial of service
code execution
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
High
EPSS
0.012
Percentile
85.3%
Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file.
Affected configurations
Node
libproxy_projectlibproxyMatch0.3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| libproxy_project | libproxy | 0.3.1 | cpe:2.3:a:libproxy_project:libproxy:0.3.1:*:*:*:*:*:*:* |
Related
fedora
fedora
[SECURITY] Fedora 18 Update: libproxy-0.4.11-1.fc18
2013-01-12 01:05:03
[SECURITY] Fedora 17 Update: libproxy-0.4.11-1.fc17
2013-03-10 01:01:36
nessus
nessus
RHEL 6 : libproxy (Unpatched Vulnerability)
2024-06-03 00:00:00
Fedora 17 : libproxy-0.4.11-1.fc17 (2012-20092)
2013-03-11 00:00:00
Fedora 18 : libproxy-0.4.11-1.fc18 (2012-19879)
2013-01-14 00:00:00
nvd
nvd
CVE-2012-5580
2014-10-27 22:55:09
debiancve
debiancve
CVE-2012-5580
2014-10-27 22:55:09
prion
prion
Format string
2014-10-27 22:55:00
ubuntucve
ubuntucve
CVE-2012-5580
2014-10-27 00:00:00
cvelist
cvelist
CVE-2012-5580
2014-10-27 22:00:00
openvas
openvas
Fedora Update for libproxy FEDORA-2012-20092
2013-03-12 00:00:00
Fedora Update for libproxy FEDORA-2012-20092
2013-03-12 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
High
EPSS
0.012
Percentile
85.3%
Related for CVE-2012-5580