CVE-2012-0127
published 2012-03-31
CVE-2012-0127: Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors.
Priority P264 · critical · 10 (CVSS 2.0)
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 23.28% (97.5th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | performance_manager | — | — |
CVSS provenance
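| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vendor_redhat | — | 5.0 | MEDIUM | — |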
GHSA
GHSA-vqvh-pcwc-5q74: Unspecified vulnerability in HP Performance Manager 9
ghsa_unreviewed·2022-05-04
CVE-2012-0127 [HIGH] GHSA-vqvh-pcwc-5q74: Unspecified vulnerability in HP Performance Manager 9
Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors.
Red Hat
mysql: over-sized packet denial of service vulnerability
vendor_redhat·2010-05-13·CVSS 5.0
CVE-2010-1849 [MEDIUM] mysql: over-sized packet denial of service vulnerability
The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
Statement: This issue was fixed in mysql packages shipped with Red Hat Enterprise Linux 5 via RHSA-2012:0127. The mysql packages in Red Hat Enterprise Linux 6 include this fix since the initial release of the product.
Package: mysql (Red Hat Enterprise Linux 4) - Will not fix
Package: mysql (Red Hat Enterprise Linux 6) - Affected
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-4452 mysql: regression of CVE-2009-4030
bugzilla·2012-09-26·CVSS 4.4
CVE-2012-4452 [MEDIUM] CVE-2012-4452 mysql: regression of CVE-2009-4030
It was found that the fix for CVE-2009-4030 was removed from the MySQL packages as provided with RHSA-2012:0127 when it was updated to version 5.0.95. Upstream claimed to have corrected this in version 5.0.88, so the patch was removed when it did not apply. As a result, MySQL version 5.0.95-1.el5_7.1 became vulnerable to CVE-2009-4030 again.
For most default or typical configurations, this flaw has no impact. Please see https://bugzilla.redhat.com/show_bug.cgi?id=543653#c4 for further discussion on the possible scenarios where this flaw can be triggered. If the basedir and datadir directives are unchanged in MySQL's configuration or command-line arguments, this flaw has no impact.
Bugzilla
CVE-2012-2693 libvirt: address bus= device= when identical vendor ID/product IDs usb devices attached are ignored
bugzilla·2012-06-12·CVSS 3.7
CVE-2012-2693 [LOW] CVE-2012-2693 libvirt: address bus= device= when identical vendor ID/product IDs usb devices attached are ignored
libvirt ignores address bus= device= when identical vendor ID/product IDs usb devices attached with either virsh or virt-manager.
As a consequence, the wrong USB device can be assigned to the wrong guest.
References and proposed upstream patch:
https://www.redhat.com/archives/libvir-list/2012-April/msg01494.html
Discussion:
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2012:0748 https://rhn.redhat.com/errata/RHSA-2012-0748.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2013:0127 https://rhn.redhat.com/errata/RHSA-2013-0127.html
http://osvdb.org/80657
http://secunia.com/advisories/48586
http://www.securityfocus.com/archive/1/522101
http://www.securityfocus.com/bid/52749
http://www.securitytracker.com/id?1026869
https://exchange.xforce.ibmcloud.com/vulnerabilities/74406