Vulnerability CVE-2012-3461

Vulnerability Name:

CVE-2012-3461 (CCN-77528)

Assigned:

2012-08-08

Published:

2012-08-08

Updated:

2023-02-13

Summary:

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Consequences:

Gain Access

References:

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: MITRE
Type: CNA
CVE-2012-3461

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Debian Web site
libotr2

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: DEBIAN
Type: DSA-2526
libotr -- heap-based buffer overflows

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-54907
libotr2 Package Multiple Heap Based Buffer Overflow Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 846377
CVE-2012-3461 libotr: Multiple heap-based buffer overflows in the Base64 decoder

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
libotr-base64-bo(77528)

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20123461	V	CVE-2012-3461	2022-05-20
oval:org.opensuse.security:def:42370	P	Security update for the Linux Kernel (Important)	2022-04-26
oval:org.opensuse.security:def:33111	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-17
oval:org.opensuse.security:def:26224	P	Security update for libvirt (Important)	2022-01-05
oval:org.opensuse.security:def:26188	P	Security update for gegl (Important)	2021-12-28
oval:org.opensuse.security:def:32250	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:34613	P	Security update for gettext-runtime (Moderate)	2021-12-14
oval:org.opensuse.security:def:26182	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:34009	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:29444	P	Security update for samba (Important)	2021-11-16
oval:org.opensuse.security:def:34573	P	Security update for ncurses (Moderate)	2021-10-20
oval:org.opensuse.security:def:32206	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:26143	P	Security update for curl (Moderate)	2021-10-11
oval:org.opensuse.security:def:33722	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:32184	P	Security update for openssl (Low)	2021-09-20
oval:org.opensuse.security:def:31674	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:26098	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:26096	P	Security update for php72 (Moderate)	2021-07-29
oval:org.opensuse.security:def:32145	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:26090	P	Security update for systemd (Moderate)	2021-07-20
oval:org.opensuse.security:def:31648	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:33935	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:55211	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:32127	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:29387	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:42614	P	libotr2-3.2.0-10.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36471	P	libotr-devel-3.2.0-10.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36207	P	libotr2-3.2.0-10.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32927	P	Security update for postgresql96 (Moderate)	2021-05-26
oval:org.opensuse.security:def:26041	P	Security update for samba (Important)	2021-04-29
oval:org.opensuse.security:def:55889	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:26032	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:33891	P	Security update for xorg-x11-server (Important)	2021-04-13
oval:org.opensuse.security:def:32283	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:33100	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:33099	P	Security update for python36 (Moderate)	2021-03-19
oval:org.opensuse.security:def:31740	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:33779	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:54766	P	Security update for perl-XML-Twig (Moderate)	2021-03-01
oval:org.opensuse.security:def:26200	P	Security update for glibc (Moderate)	2021-02-25
oval:org.opensuse.security:def:57165	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:26192	P	Security update for php72 (Important)	2021-02-17
oval:org.opensuse.security:def:28928	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP2) (Important)	2021-02-10
oval:org.opensuse.security:def:26189	P	Security update for subversion (Important)	2021-02-10
oval:org.opensuse.security:def:33970	P	Security update for openvswitch (Important)	2021-02-03
oval:org.opensuse.security:def:31673	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:32964	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:32096	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:31685	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:29957	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:29301	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:55770	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:35963	P	libotr2-3.2.0-10.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32820	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:28492	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25960	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:32040	P	Security update for various KMPs (Moderate)	2020-12-01
oval:org.opensuse.security:def:29736	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:26752	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32501	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29170	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:26362	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:27602	P	Security update for bind	2020-12-01
oval:org.opensuse.security:def:54939	P	libtiff5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26765	P	librsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26231	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27138	P	gpg2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25798	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31884	P	Security update for dosfstools (Moderate)	2020-12-01
oval:org.opensuse.security:def:29183	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:26532	P	cron on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28702	P	Security update for GPG2	2020-12-01
oval:org.opensuse.security:def:33177	P	librpcsecgss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29842	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27637	P	Security update for libotr	2020-12-01
oval:org.opensuse.security:def:26021	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32591	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26818	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33867	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:54365	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26264	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:33420	P	Security update for OpenEXR	2020-12-01
oval:org.opensuse.security:def:55496	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:27845	P	Recommended update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26927	P	kdelibs3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25513	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31442	P	Security update for policycoreutils (Low)	2020-12-01
oval:org.opensuse.security:def:27412	P	glibc-html on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32388	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:29283	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25768	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31891	P	Security update for expat (Important)	2020-12-01
oval:org.opensuse.security:def:26699	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33288	P	xalan-j2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57239	P	Security update for libotr	2020-12-01
oval:org.opensuse.security:def:29090	P	Security update for gdb (Moderate)	2020-12-01
oval:org.opensuse.security:def:32877	P	gtk2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55604	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:26920	P	jakarta-commons-httpclient3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54528	P	libXv1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26530	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28541	P	Security update for dhcp	2020-12-01
oval:org.opensuse.security:def:27126	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25589	P	Security update for zabbix (Moderate)	2020-12-01
oval:org.opensuse.security:def:27704	P	Security update for apache2-mod_fcgid	2020-12-01
oval:org.opensuse.security:def:26474	P	Security update for znc (Moderate)	2020-12-01
oval:org.opensuse.security:def:32493	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28503	P	Security update for openssh-openssl1 (Critical)	2020-12-01
oval:org.opensuse.security:def:29785	P	Security update for gpg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26796	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32502	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26446	P	Security update for kconfig, kdelibs4 (Important)	2020-12-01
oval:org.opensuse.security:def:55808	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:28576	P	Security update for libotr	2020-12-01
oval:org.opensuse.security:def:33190	P	libvirt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55045	P	xscreensaver on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27757	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:26245	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32888	P	jpeg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31430	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27202	P	libnewt0_52 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25855	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:29222	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27170	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25756	P	Security update for python, python-base, python-doc (Moderate)	2020-12-01
oval:org.opensuse.security:def:28787	P	Security update for Mozilla NSS	2020-12-01
oval:org.opensuse.security:def:26333	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:33226	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29886	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:32726	P	libpulse-browse0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29529	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26867	P	ark on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54366	P	python-libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26392	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:33477	P	Security update for openLDAP	2020-12-01
oval:org.opensuse.security:def:27859	P	Security update for postgresql91 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26962	P	libotr2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25514	P	Security update for mariadb-connector-c (Important)	2020-12-01
oval:org.opensuse.security:def:31516	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:27469	P	libotr-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26386	P	Security update for kdepim, messagelib (Moderate)	2020-12-01
oval:org.opensuse.security:def:32427	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:29921	P	Security update for libexif	2020-12-01
oval:org.opensuse.security:def:28491	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:25832	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31983	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:29080	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:26738	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33332	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:29101	P	Recommended update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:26305	P	Security update for python-setuptools (Moderate)	2020-12-01
oval:org.opensuse.security:def:55696	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:26964	P	libpoppler-glib4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26614	P	mozilla-xulrunner190 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27127	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25717	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31797	P	Recommended update for NetworkManager-kde4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29134	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26488	P	Security update for cacti, cacti-spine (Moderate)	2020-12-01
oval:org.opensuse.security:def:33131	P	kvm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28571	P	Security update for libqt4	2020-12-01
oval:org.opensuse.security:def:33120	P	kde4-kgreeter-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29824	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27434	P	libasm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26020	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:32513	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26597	P	libpoppler-glib4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33828	P	Security update for gnuplot (Moderate)	2020-12-01
oval:org.opensuse.security:def:33325	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27806	P	Security update for libpng12-0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26289	P	Security update for sane-backends (Important)	2020-12-01
oval:org.opensuse.security:def:33170	P	libotr2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31431	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27330	P	xorg-x11-libXext-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25939	P	Security update for gstreamer-0_10-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:32339	P	Security update for shim (Moderate)	2020-12-01
oval:org.opensuse.security:def:29239	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:27205	P	libotr2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25757	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:28844	P	Security update for wireshark	2020-12-01
oval:org.opensuse.security:def:26650	P	xdg-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33265	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30524	P	Security update for inn	2020-12-01
oval:org.opensuse.security:def:29089	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29682	P	Security update for ed	2020-12-01
oval:org.opensuse.security:def:26906	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54388	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26473	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:33565	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:27903	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:25525	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:27553	P	rubygem-actionmailer-3_2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26435	P	Security update for znc (Low)	2020-12-01
oval:org.opensuse.security:def:32449	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:30561	P	Security update for libotr	2020-12-01
oval:org.mitre.oval:def:17921	P	USN-1541-1 -- libotr vulnerability	2014-06-30
oval:org.mitre.oval:def:18429	P	DSA-2526-1 libotr - buffer overflow	2014-06-23
oval:org.opensuse.security:def:79873	P	Security update for libotr	2012-11-21
oval:com.ubuntu.precise:def:20123461000	V	CVE-2012-3461 on Ubuntu 12.04 LTS (precise) - low.	2012-08-20

BACK