Lucene search

[email protected]NVD:CVE-2012-4552

HistoryNov 18, 2012 - 11:55 p.m.

CVE-2012-4552

2012-11-1823:55:01

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.177

Percentile

96.2%

JSON

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.

Affected configurations

Nvd

Node

steve_j_bakerplibMatch1.8.5

VendorProductVersionCPE
steve_j_bakerplib1.8.5cpe:2.3:a:steve_j_baker:plib:1.8.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
steve_j_baker	plib	1.8.5	cpe:2.3:a:steve_j_baker:plib:1.8.5:::::::*

References

lists.fedoraproject.org/pipermail/package-announce/2012-November/091932.html

lists.fedoraproject.org/pipermail/package-announce/2012-November/091937.html

lists.fedoraproject.org/pipermail/package-announce/2012-November/091964.html

lists.opensuse.org/opensuse-security-announce/2012-11/msg00013.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00015.html

secunia.com/advisories/51340

www.openwall.com/lists/oss-security/2012/10/29/9

www.osvdb.org/87001

bugzilla.redhat.com/show_bug.cgi?id=871187

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.177

Percentile

96.2%

JSON

Related for NVD:CVE-2012-4552

nessus6 fedora3 cve1 openvas6 prion1 cvelist1 exploitdb1 freebsd1 gentoo1 debiancve1 ubuntucve1 suse2