Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-3445
HistoryAug 07, 2012 - 12:00 a.m.

CVE-2012-3445

2012-08-0700:00:00
ubuntu.com
ubuntu.com
11

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.011

Percentile

84.2%

JSON

The virTypedParameterArrayClear function in libvirt 0.9.13 does not
properly handle virDomain* API calls with typed parameters, which might
allow remote authenticated users to cause a denial of service (libvirtd
crash) via an RPC command with nparams set to zero, which triggers an
out-of-bounds read or a free of an invalid pointer.

Bugs

Notes

Author Note
mdeslaur precise and earlier don’t have virTypedParameterArrayClear, so no invalid free possible.

Related

nessus 8
debiancve 1
openvas 15
centos 1
veracode 1
redhat 2
cve 1
cvelist 1
nvd 1
prion 1
oraclelinux 1
fedora 5
osv 16
nessus
nessus
Fedora 16 : libvirt-0.9.6.2-1.fc16 (2012-11843)
2012-08-23 00:00:00
RHEL 6 : libvirt (RHSA-2012:1202)
2012-08-24 00:00:00
CentOS 6 : libvirt (CESA-2012:1202)
2012-08-27 00:00:00
debiancve
debiancve
CVE-2012-3445
2012-08-07 21:55:02
openvas
openvas
RedHat Update for libvirt RHSA-2012:1202-01
2012-08-24 00:00:00
CentOS Update for libvirt CESA-2012:1202 centos6
2012-08-24 00:00:00
CentOS Update for libvirt CESA-2012:1202 centos6
2012-08-24 00:00:00
centos
centos
libvirt security update
2012-08-24 01:09:18
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:56:15
redhat
redhat
(RHSA-2012:1202) Moderate: libvirt security and bug fix update
2012-08-23 00:00:00
(RHSA-2012:1325) Important: rhev-hypervisor6 security and bug fix update
2012-10-02 00:00:00
cve
cve
CVE-2012-3445
2012-08-07 21:55:02
cvelist
cvelist
CVE-2012-3445
2012-08-07 21:00:00
nvd
nvd
CVE-2012-3445
2012-08-07 21:55:02
prion
prion
Out-of-bounds
2012-08-07 21:55:00
oraclelinux
oraclelinux
libvirt security and bug fix update
2012-08-23 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libvirt-0.9.6.2-1.fc16
2012-08-22 21:11:41
[SECURITY] Fedora 17 Update: libvirt-0.9.11.5-3.fc17
2012-09-04 22:56:31
[SECURITY] Fedora 17 Update: libvirt-0.9.11.6-1.fc17
2012-10-15 23:29:57
osv
osv
CVE-2022-0897
2022-03-25 19:15:10
CVE-2021-3667
2022-03-02 23:15:08
CVE-2021-3559
2021-05-24 12:15:07

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.011

Percentile

84.2%

JSON
Related for UB:CVE-2012-3445
nessus8debiancve1openvas15centos1veracode1redhat2cve1cvelist1nvd1prion1oraclelinux1fedora5osv16