Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4426

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-4426
Last Modified 23 Nov 2012 07:18:28
Published 21 Nov 2012 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4426

Summary

Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier might allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving (1) errors.c or (2) mcrypt.c.

Vulnerable Systems

Application

  • Mcrypt 2.6.4

  • Mcrypt 2.6.5

  • Mcrypt 2.6.6

  • Mcrypt 2.6.7

  • Mcrypt 2.6.8


References

MLIST - [oss-security] 20120913 Re: CVE request - mcrypt buffer overflow flaw

MLIST - [oss-security] 20120910 Re: CVE request - mcrypt buffer overflow flaw

MLIST - [oss-security] 20120906 Re: CVE request - mcrypt buffer overflow flaw


Last Updated: 27 May 2016 10:58:29