Vulnerability Name:

CVE-2012-0270 (CCN-73467)

Assigned:2011-12-30
Published:2012-02-23
Updated:2014-02-18
Summary:Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availability (A): 
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availability (A): 
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2012-0270

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2012:0315

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2012:0370

Source: CCN
Type: SA47585
Csound Two Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
47585

Source: CCN
Type: Secunia Research 23/02/2012
Csound "getnum()" Function Two Buffer Overflow Vulnerabilities

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2012-3/

Source: CONFIRM
Type: Vendor Advisory
http://sourceforge.net/projects/csound/files/csound5/csound5.16/Version5.16_Notes/view

Source: CCN
Type: Csound Web site
Csound

Source: CCN
Type: BID-52144
Csound 'getnum()' Multiple Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
csound-hetimain-bo(73467)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:csounds:csound:5.12.4:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:5.13.0:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:5.13.1:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:5.14.0:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:5.14.1:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:5.14.2:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:5.15.0:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:5.16:*:*:*:*:*:*:*
  • OR cpe:/a:csounds:csound:*:*:*:*:*:*:*:* (Version <= 5.16.1)

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2012-0270 (CCN-73468)

    Assigned:2011-12-30
    Published:2012-02-23
    Updated:2012-02-23
    Summary:Csound is vulnerable to a stack-based buffer overflow, caused by improper bounds checking in the getnum() function in util/pv_import.c. By persuading a victim to open a specially crafted PVOC file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
    CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): Low
    CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availability (A): 
    5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
    4.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availability (A): 
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-2012-0270

    Source: CCN
    Type: SA47585
    Csound Two Buffer Overflow Vulnerabilities

    Source: CCN
    Type: Secunia Research 23/02/2012
    Csound "getnum()" Function Two Buffer Overflow Vulnerabilities

    Source: CCN
    Type: Csound Web site
    Csound

    Source: CCN
    Type: BID-52144
    Csound 'getnum()' Multiple Buffer Overflow Vulnerabilities

    Source: XF
    Type: UNKNOWN
    csound-pvimport-bo(73468)

    Source: EXPLOIT-DB
    Type: EXPLOIT
    Offensive Security Exploit Database [04-06-2012]

    Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:csounds:csound:5.13.0:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20120270 | V | CVE-2012-0270 | 2022-06-30
    oval:org.opensuse.security:def:112122 | P | csound-5.18.02-7.10 on GA media (Moderate) | 2022-01-17
    oval:org.opensuse.security:def:105659 | P | Security update for qemu (Important) | 2021-11-04
    oval:com.ubuntu.precise:def:20120270000 | V | CVE-2012-0270 on Ubuntu 12.04 LTS (precise) - medium. | 2014-02-17
    csounds csound 5.12.4
    csounds csound 5.13.0
    csounds csound 5.13.1
    csounds csound 5.14.0
    csounds csound 5.14.1
    csounds csound 5.14.2
    csounds csound 5.15.0
    csounds csound 5.16
    csounds csound *
    csounds csound 5.13.0