2.6
CVE-2012-3368
- EPSS 2.16%
- Veröffentlicht 03.07.2012 21:55:01
- Zuletzt bearbeitet 16.06.2026 23:43:05
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.16% | 0.799 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:P/I:N/A:N
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302
http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357
http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812
https://bugzilla.redhat.com/show_bug.cgi?id=812551
https://bugzilla.redhat.com/show_bug.cgi?id=835849