Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4415

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-4415
Last Modified 01 Oct 2012 12:00:00
Published 30 Sep 2012 11:26:16
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4415

Summary

Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name.

Vulnerable Systems

Operating System

  • Fedoraproject Fedora 16

  • Fedoraproject Fedora 17

Application

  • Guac-dev Guacamole 0.5.0

  • Guac-dev Guacamole 0.6.0

  • Guac-dev Guacamole 0.6.2


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=856743

BID - 55497

MLIST - [oss-security] 20120911 Re: CVE id request: guacd

MLIST - [oss-security] 20120911 CVE id request: guacd

FEDORA - FEDORA-2012-14097

FEDORA - FEDORA-2012-14179

FEDORA - FEDORA-2012-13914

CONFIRM - http://guac-dev.org/trac/changeset/7dcefa744b4a38825619c00ae8b47e5bae6e38c0/libguac

BUGTRAQ - 20120924 CVE-2012-4415: guacamole local root vulnerability


Last Updated: 27 May 2016 11:00:50