NVD

Id
45801  
Name
CVE-2012-4409  
Description
Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-11-21  
Modified Date
2013-04-01  
Seq
2012-4409  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
229866 45801 CVE-2012-4409 FEDORA-2012-13599  View
229867 45801 CVE-2012-4409 FEDORA-2012-13656  View
229868 45801 CVE-2012-4409 FEDORA-2012-13657  View
229869 45801 CVE-2012-4409 http://packetstormsecurity.org/files/116268/mcrypt-2.6.8-Buffer-Overflow-Proof-Of-Concept.html  View
229870 45801 CVE-2012-4409 [oss-security] 20120906 Re: CVE request - mcrypt buffer overflow flaw  View
229871 45801 CVE-2012-4409 1027532  View
229872 45801 CVE-2012-4409 https://bugzilla.redhat.com/show_bug.cgi?id=855029  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
29780 JVNDB-2012-005487 mcrypt の extra.c におけるスタックベースのバッファオーバーフローの脆弱性 mcrypt の extra.c 内の check_file_head 関数には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2012-4409 57647 CVE-2012-4409 45801 6.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005487.html 2012-11-21 2012-11-26 View