Lucene search
RedhatCVELIST:CVE-2012-4465HistoryOct 10, 2012 - 6:00 p.m.
CVE-2012-4465
2012-10-1018:00:00
redhat
www.cve.org
2
Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the “Author” field in a commit.
References
git.zx2c4.com/cgit/commit/?id=7757d1b046ecb67b830151d20715c658867df1ec
hjemli.net/pipermail/cgit/2012-July/000652.html
secunia.com/advisories/50734
www.openwall.com/lists/oss-security/2012/09/30/1
www.openwall.com/lists/oss-security/2012/10/03/7
www.securityfocus.com/bid/55724
bugzilla.redhat.com/show_bug.cgi?id=820733
Related
nessus
nessus
openSUSE Security Update : cgit (openSUSE-SU-2012:1421-1)
2014-06-13 00:00:00
openSUSE Security Update : cgit (openSUSE-SU-2012:1422-1)
2014-06-13 00:00:00
openvas
openvas
openSUSE: Security Advisory for update (openSUSE-SU-2012:1421-1)
2012-12-13 00:00:00
SuSE Update for update openSUSE-SU-2012:1422-1 (update)
2013-03-11 00:00:00
SuSE Update for update openSUSE-SU-2012:1421-1 (update)
2012-12-13 00:00:00
prion
prion
Heap overflow
2012-10-10 18:55:00
debiancve
debiancve
CVE-2012-4465
2012-10-10 18:55:05
cve
cve
CVE-2012-4465
2012-10-10 18:55:05
nvd
nvd
CVE-2012-4465
2012-10-10 18:55:05
suse
suse
update for cgit (important)
2012-10-31 16:11:53
update for cgit (important)
2012-10-31 16:12:06
fedora
fedora
[SECURITY] Fedora 17 Update: cgit-0.9.1-2.fc17
2012-11-28 11:28:50
[SECURITY] Fedora 16 Update: cgit-0.9.1-2.fc16
2012-11-28 11:46:45
[SECURITY] Fedora 17 Update: cgit-0.9.2-1.fc17
2013-06-06 01:37:26
osv
osv
cgit-1.0-1.3 on GA media
2024-06-15 00:00:00