CVE-2012-4562
published 2012-11-30

Priority P3 46 high 7.5 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 12.85% (95.8th percentile)
Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (infinite loop or crash) and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified vulnerabilities.

Affected

10 ranges
Vendor | Product | Version range | Fixed in
debian | libssh | < libssh 0.5.3-1 (bookworm) | libssh 0.5.3-1 (bookworm)
libssh | libssh | <= 0.5.2 |
libssh | libssh | |
libssh | libssh | |
libssh | libssh | |
libssh | libssh | |
libssh | libssh | >= 0 < 0.5.3-1 | 0.5.3-1
libssh | libssh | >= 0 < 0.5.3-1 | 0.5.3-1
libssh | libssh | >= 0 < 0.5.3-1 | 0.5.3-1
libssh | libssh | >= 0 < 0.5.3-1 | 0.5.3-1

CVSS provenance

nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P
osv | 7.5 | HIGH
vendor_debian | 7.5 | HIGH
vendor_ubuntu | 6.8 | MEDIUM