Vulnerability Description
Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nikias Bassen | Usbmuxd | 1.0.5 |
Related Weaknesses (CWE)
References
- http://git.marcansoft.com/?p=usbmuxd.git%3Ba=commitdiff%3Bh=f794991993af56a74795
- http://openwall.com/lists/oss-security/2012/01/19/25Patch
- http://openwall.com/lists/oss-security/2012/01/19/26
- http://secunia.com/advisories/47545Vendor Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:133
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:133
- http://www.securityfocus.com/bid/51573
- https://bugs.gentoo.org/show_bug.cgi?id=399409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72546
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0228
- http://git.marcansoft.com/?p=usbmuxd.git%3Ba=commitdiff%3Bh=f794991993af56a74795
- http://openwall.com/lists/oss-security/2012/01/19/25Patch
- http://openwall.com/lists/oss-security/2012/01/19/26
- http://secunia.com/advisories/47545Vendor Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:133
FAQ
What is CVE-2012-0065?
CVE-2012-0065 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNum...
How severe is CVE-2012-0065?
CVE-2012-0065 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0065?
Check the references section above for vendor advisories and patch information. Affected products include: Nikias Bassen Usbmuxd.