CVE Vulnerabilities

CVE-2012-4459

Published: Mar 14, 2013 | Modified: Mar 19, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
5 MODERATE
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu

Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.

Affected Software

Name Vendor Start Version End Version
Qpid Apache 0.5 0.5
Qpid Apache 0.6 0.6
Qpid Apache 0.7 0.7
Qpid Apache 0.8 0.8
Qpid Apache 0.9 0.9
Qpid Apache 0.10 0.10
Qpid Apache 0.11 0.11
Qpid Apache 0.12 0.12
Qpid Apache 0.13 0.13
Qpid Apache 0.14 0.14
Qpid Apache 0.15 0.15
Qpid Apache 0.16 0.16
Qpid Apache 0.17 0.17
Qpid Apache 0.18 0.18
Qpid Apache 0.19 0.19
Qpid Apache * 0.20
MRG for RHEL-5 v. 2 RedHat cumin-messaging-0:0.1.1-2.el5 *
MRG for RHEL-5 v. 2 RedHat mrg-release-0:2.3.0-1.el5 *
MRG for RHEL-5 v. 2 RedHat python-qpid-0:0.18-4.el5 *
MRG for RHEL-5 v. 2 RedHat qpid-cpp-mrg-0:0.18-14.el5 *
MRG for RHEL-5 v. 2 RedHat qpid-java-0:0.18-7.el5 *
MRG for RHEL-5 v. 2 RedHat qpid-jca-0:0.18-8.el5 *
MRG for RHEL-5 v. 2 RedHat qpid-qmf-0:0.18-15.el5 *
MRG for RHEL-5 v. 2 RedHat qpid-tests-0:0.18-2.el5 *
MRG for RHEL-5 v. 2 RedHat qpid-tools-0:0.18-8.el5 *
MRG for RHEL-5 v. 2 RedHat rhm-docs-0:0.18-2.el5 *
MRG for RHEL-5 v. 2 RedHat saslwrapper-0:0.18-1.el5 *
Red Hat Enterprise MRG 2 RedHat cumin-messaging-0:0.1.1-2.el6 *
Red Hat Enterprise MRG 2 RedHat mrg-release-0:2.3.0-1.el6 *
Red Hat Enterprise MRG 2 RedHat python-qpid-0:0.18-4.el6 *
Red Hat Enterprise MRG 2 RedHat qpid-cpp-0:0.18-14.el6 *
Red Hat Enterprise MRG 2 RedHat qpid-java-0:0.18-7.el6 *
Red Hat Enterprise MRG 2 RedHat qpid-jca-0:0.18-8.el6 *
Red Hat Enterprise MRG 2 RedHat qpid-qmf-0:0.18-15.el6 *
Red Hat Enterprise MRG 2 RedHat qpid-tests-0:0.18-2.el6 *
Red Hat Enterprise MRG 2 RedHat qpid-tools-0:0.18-8.el6 *
Red Hat Enterprise MRG 2 RedHat rhm-docs-0:0.18-2.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-rake-0:0.8.7-2.1.el6 *
Red Hat Enterprise MRG 2 RedHat rubygems-0:1.8.16-1.el6 *
Red Hat Enterprise MRG 2 RedHat saslwrapper-0:0.18-1.el6_3 *
Red Hat Enterprise MRG 2 RedHat xerces-c-0:3.0.1-20.el6 *
Red Hat Enterprise MRG 2 RedHat xqilla-0:2.2.3-8.el6 *
Qpid-cpp Ubuntu artful *
Qpid-cpp Ubuntu precise *
Qpid-cpp Ubuntu quantal *
Qpid-cpp Ubuntu raring *
Qpid-cpp Ubuntu saucy *
Qpid-cpp Ubuntu trusty *
Qpid-cpp Ubuntu upstream *
Qpid-cpp Ubuntu utopic *
Qpid-cpp Ubuntu vivid *
Qpid-cpp Ubuntu wily *
Qpid-cpp Ubuntu xenial *
Qpid-cpp Ubuntu yakkety *
Qpid-cpp Ubuntu zesty *

References