cbcvebase.
CVE-2012-4527
published 2012-11-21


Priority: P432 | medium | 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 7.68% (93.8th percentile)

Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability.

Affected

10 ranges
| Vendor | Product | Version range | Fixed in |
| debian | mcrypt | < mcrypt 2.6.8-1.3 (bookworm) | mcrypt 2.6.8-1.3 (bookworm) |
| mcrypt | mcrypt | <= 2.6.8 | |
| mcrypt | mcrypt | | |
| mcrypt | mcrypt | | |
| mcrypt | mcrypt | | |
| mcrypt | mcrypt | | |
| mcrypt | mcrypt | >= 0 < 2.6.8-1.3 | 2.6.8-1.3 |
| mcrypt | mcrypt | >= 0 < 2.6.8-1.3 | 2.6.8-1.3 |
| mcrypt | mcrypt | >= 0 < 2.6.8-1.3 | 2.6.8-1.3 |
| mcrypt | mcrypt | >= 0 < 2.6.8-1.3 | 2.6.8-1.3 |

CVSS provenance

nvd: v2.0, 6.8 MEDIUM, AV:N/AC:M/Au:N/C:P/I:P/A:P
osv: 6.8 MEDIUM
vendor_debian: 6.8 LOW