7.2
CVE-2011-4062
- EPSS 0.93%
- Veröffentlicht 18.10.2011 01:55:01
- Zuletzt bearbeitet 16.06.2026 23:34:21
- Quelle secteam@freebsd.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX socket.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.93% | 0.559 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/46202
http://secunia.com/advisories/46564
http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc
http://security.freebsd.org/patches/SA-11:05/unix2.patch
http://www.debian.org/security/2011/dsa-2325
http://www.exploit-db.com/exploits/17908
http://www.osvdb.org/75788
http://www.securityfocus.com/bid/49862
http://www.securitytracker.com/id?1026106