CVE-2012-4560 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libssh

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources

Severity

7.5HIGHNVD

EPSS

6.6%

top 8.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libssh

Timeline

PublishedNov 30

Latest updateMay 17

Description

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶Debianlibssh/libssh< 0.5.3-1+3

▶NVDlibssh/libssh0.5.2+4

🔴Vulnerability Details

GHSA

GHSA-q6mh-jmqc-qqqq: Multiple buffer overflows in libssh before 0↗2022-05-17

▶

CVEList

CVE-2012-4560: Multiple buffer overflows in libssh before 0↗2012-11-30

▶

OSV

CVE-2012-4560: Multiple buffer overflows in libssh before 0↗2012-11-30

▶

📋Vendor Advisories

Ubuntu

libssh vulnerabilities↗2012-11-26

▶

Debian

CVE-2012-4560: libssh - Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause...↗2012

▶

💬Community

Bugzilla

CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2012-4562 libssh various flaws [fedora-all]↗2012-11-20

▶

Bugzilla

CVE-2012-4560 libssh: multiple buffer overflow flaws↗2012-10-30

▶