Vulnerability CVE-2012-0065

Vulnerability Name:

CVE-2012-0065 (CCN-72546)

Assigned:

2011-12-07

Published:

2012-01-12

Updated:

2023-02-13

Summary:

CVSS v3 Severity:

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
4.0 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: usbmuxd Web Site
usbmuxd - A socket daemon to multiplex connections from and to an iPhone or iPod Touch

Source: MITRE
Type: CNA
CVE-2012-0065

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: usbmuxd GIT Repository
Fix possible buffer overflow

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: SA47545
usbmuxd "receive_packet()" Buffer Overflow Vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: OSVDB ID: 78358
usbmuxd libusbmuxd/libusbmuxd.c receive_packet() Function SerialNumber Field Local Overflow

Source: CCN
Type: BID-51573
usbmuxd 'libusbmuxd/libusbmuxd.c' Heap Based Buffer Overflow Vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
usbmuxd-libusbmuxd-bo(72546)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:nikias_bassen:usbmuxd:1.0.7:*:*:*:*:*:*:*

OR cpe:/a:nikias_bassen:usbmuxd:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:nikias_bassen:usbmuxd:1.0.5:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:55523	P	Security update for sudo (Moderate)	2023-03-29
oval:org.opensuse.security:def:55238	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:20120065	V	CVE-2012-0065	2021-06-25
oval:org.opensuse.security:def:55916	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:57192	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:55835	P	Security update for openvswitch (Important)	2021-02-03
oval:org.opensuse.security:def:55631	P	Security update for xscreensaver (Moderate)	2020-12-01
oval:org.opensuse.security:def:27496	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54415	P	DirectFB on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28603	P	Security update for usbmuxd	2020-12-01
oval:org.opensuse.security:def:55797	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:27731	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:54793	P	grub2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27154	P	kbd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27833	P	Security update for mercurial	2020-12-01
oval:org.opensuse.security:def:55072	P	ceph-common on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27229	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57266	P	Security update for usbmuxd	2020-12-01
oval:org.opensuse.security:def:27886	P	Security update for rubygem-rack (Moderate)	2020-12-01
oval:org.opensuse.security:def:27439	P	libcurl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54393	P	tigervnc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28568	P	Security update for KVM	2020-12-01
oval:org.opensuse.security:def:55723	P	Security update for supportutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:27580	P	xen-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54555	P	libid3tag0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27153	P	jpeg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27784	P	Security update for kvm and libvirt	2020-12-01
oval:org.opensuse.security:def:54966	P	mutt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27165	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27872	P	Recommended update for python-setuptools (Moderate)	2020-12-01
oval:org.opensuse.security:def:27357	P	ImageMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54392	P	tftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27930	P	Security update for GraphicsMagick (Low)	2020-12-01
oval:org.mitre.oval:def:17581	P	USN-1354-1 -- usbmuxd vulnerability	2014-07-21
oval:org.opensuse.security:def:79900	P	Security update for usbmuxd	2012-02-23

BACK