CVE-2012-6656
published 2014-12-05CVE-2012-6656: iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a…
medium5CVSS 3.1
AVNACLAuNCNINAP
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | glibc | < glibc 2.17-1 (bookworm) | glibc 2.17-1 (bookworm) |
| eglibc | eglibc | >= 0 < 2.19-0ubuntu6.4 | 2.19-0ubuntu6.4 |
| gnu | glibc | <= 2.16 | — |
| gnu | glibc | >= 0 < 2.17-1 | 2.17-1 |
| gnu | glibc | >= 0 < 2.17-1 | 2.17-1 |
| gnu | glibc | >= 0 < 2.17-1 | 2.17-1 |
| gnu | glibc | >= 0 < 2.17-1 | 2.17-1 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM