7.9

CVE-2012-0870

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version3.0.0
RimBlackberry Playbook Os Version <= 2.0
RimBlackberry Playbook Os Version1.0
RimBlackberry Playbook Os Version1.0.3
RimBlackberry Playbook Os Version1.0.5
RimBlackberry Playbook Os Version1.0.6
RimBlackberry Playbook Os Version1.0.7
RimBlackberry Playbook Os Version1.0.7.2942
RimBlackberry Playbook Os Version1.0.7.3312
RimBlackberry Playbook Os Version1.0.8.4985
RimBlackberry Playbook Os Version1.0.8.6067
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.5% 0.929
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.9 5.5 10
AV:A/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://support.apple.com/kb/HT5281
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html
http://secunia.com/advisories/48879
http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html
http://secunia.com/advisories/48116
http://secunia.com/advisories/48186
http://secunia.com/advisories/48844
http://www.ubuntu.com/usn/USN-1374-1
https://bugzilla.redhat.com/show_bug.cgi?id=795509
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/73361