Security Vulnerabilities, CVEs, Published In 2012 (Denial of service)
Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input.
Max CVSS
4.7
EPSS Score
0.06%
Published
2012-12-13
Updated
2017-08-29
CVE-2012-6301
Public exploit
The Browser application in Android 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted market: URI in the SRC attribute of an IFRAME element.
Max CVSS
5.0
EPSS Score
6.04%
Published
2012-12-10
Updated
2012-12-11
Double free vulnerability in the sftp_mkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559.
Max CVSS
7.5
EPSS Score
6.03%
Published
2012-11-30
Updated
2012-12-19
The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Max CVSS
5.0
EPSS Score
1.43%
Published
2012-12-05
Updated
2017-09-19
The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted value in a packet.
Max CVSS
5.0
EPSS Score
1.38%
Published
2012-12-05
Updated
2017-09-19
Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Max CVSS
5.0
EPSS Score
1.95%
Published
2012-12-05
Updated
2017-09-19
The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Max CVSS
5.0
EPSS Score
1.33%
Published
2012-12-05
Updated
2017-09-19
Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Number of Sources value.
Max CVSS
5.0
EPSS Score
2.00%
Published
2012-12-05
Updated
2017-09-19
The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet.
Max CVSS
5.0
EPSS Score
0.41%
Published
2012-12-05
Updated
2017-09-19
Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count.
Max CVSS
5.0
EPSS Score
0.40%
Published
2012-12-05
Updated
2017-09-19
epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field.
Max CVSS
5.0
EPSS Score
0.77%
Published
2012-12-05
Updated
2017-09-19
The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service (infinite loop) via a packet that is neither IPv4 nor IPv6.
Max CVSS
5.0
EPSS Score
0.41%
Published
2012-12-05
Updated
2017-09-19
epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field.
Max CVSS
5.0
EPSS Score
0.41%
Published
2012-12-05
Updated
2017-09-19
Google CityHash computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack.
Max CVSS
5.0
EPSS Score
0.08%
Published
2012-11-28
Updated
2012-11-29
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll.
Max CVSS
6.4
EPSS Score
41.71%
Published
2012-11-27
Updated
2017-08-29
Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of service (crash) via a long string in a gpx file.
Max CVSS
5.0
EPSS Score
11.46%
Published
2012-11-27
Updated
2012-11-27
M-Player 0.4 allows remote attackers to cause a denial of service (crash) via a crafted MP3 file.
Max CVSS
4.3
EPSS Score
2.78%
Published
2012-11-26
Updated
2017-08-29
GPSMapEdit 1.1.73.2 allows user-assisted remote attackers to cause a denial of service (crash) via a long string in a lst file.
Max CVSS
4.3
EPSS Score
0.45%
Published
2012-11-26
Updated
2012-11-28
The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tmemc_restore_flush_page functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 do not check for negative id pools, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or possibly execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
Max CVSS
4.4
EPSS Score
0.08%
Published
2012-11-23
Updated
2017-08-29
The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
Max CVSS
6.9
EPSS Score
0.10%
Published
2012-11-23
Updated
2017-08-29
The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
Max CVSS
4.4
EPSS Score
0.10%
Published
2012-11-23
Updated
2017-08-29
Multiple integer overflows in the (1) tmh_copy_from_client and (2) tmh_copy_to_client functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (memory corruption and host crash) via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
Max CVSS
4.9
EPSS Score
0.06%
Published
2012-11-23
Updated
2017-08-29
The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (CPU hang and host crash) via unspecified vectors related to a spinlock being held in the "bad_copy error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
Max CVSS
4.7
EPSS Score
0.06%
Published
2012-11-23
Updated
2017-08-29
The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
Max CVSS
7.2
EPSS Score
0.06%
Published
2012-11-23
Updated
2017-08-29
screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain buttonClicked value in an internal webauth_type request, aka Bug ID CSCud50209.
Max CVSS
6.3
EPSS Score
0.10%
Published
2012-12-19
Updated
2013-01-30