CVE-2012-0388 β€” Missing Release of Memory after Effective Lifetime in Cisco IOS

CWE-39911 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.8%
top 25.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedMar 29
Latest updateMay 4

Description

Memory leak in the H.323 inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed transit H.323 traffic, aka Bug ID CSCtq45553.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

β–ΆNVDcisco/ios4 versions+3

πŸ”΄Vulnerability Details

2
GHSA
GHSA-wgvw-vfq9-3m2p: Memory leak in the H↗2022-05-04
β–Ά
CVEList
CVE-2012-0388: Memory leak in the H↗2012-03-29
β–Ά

πŸ“‹Vendor Advisories

1
Cisco
Cisco IOS Software Zone-Based Firewall Vulnerabilities↗2012-03-28
β–Ά

πŸ’¬Community

7
Bugzilla
CVE-2012-0456 CVE-2012-0457 Mozilla: SVG issues found with Address Sanitizer (MFSA 2012-14)β†—2012-03-14
β–Ά
Bugzilla
CVE-2012-0458 Mozilla: Escalation of privilege with Javascript: URL as home page (MFSA 2012-16)β†—2012-03-14
β–Ά
Bugzilla
CVE-2012-0451 Mozilla: XSS with multiple Content Security Policy headers (MFSA 2012-15)β†—2012-03-14
β–Ά
Bugzilla
CVE-2012-0460 Mozilla: window.fullScreen writeable by untrusted content (MFSA 2012-18)β†—2012-03-14
β–Ά
Bugzilla
CVE-2012-0461 CVE-2012-0462 CVE-2012-0464 Mozilla: Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28) (MFSA 2012-19)β†—2012-03-14
β–Ά
CVE-2012-0388 β€” Cisco IOS vulnerability | cvebase