Samba : Security Vulnerabilities, CVEs, Published In 2012 (Code Execution)
CVE-2012-1182
Public exploit
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.
Max CVSS
10.0
EPSS Score
49.37%
Published
2012-04-10
Updated
2018-10-30
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.
Max CVSS
7.9
EPSS Score
95.92%
Published
2012-02-23
Updated
2023-02-13
2 vulnerabilities found