Vulnerability Details : CVE-2012-1176
Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi before 0.11.0 allows remote attackers to cause a denial of service (application crash) via a 4-byte utf-8 sequence.
Vulnerability category: Overflow, Denial of service
Products affected by CVE-2012-1176
- cpe:2.3:a:fribidi:pyfribidi:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-1176
- 10.52%: probability of exploitation activity in the next 30 days
- ~95%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-1176
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | NIST | |
CWE ids for CVE-2012-1176
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-1176
- http://www.openwall.com/lists/oss-security/2012/03/14/9
  oss-security - Re: CVE request: pyfribidi buffer overflow flaw
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076038.html
  [SECURITY] Fedora 16 Update: pyfribidi-0.11.0-1.fc16
- http://www.openwall.com/lists/oss-security/2012/03/14/4
  oss-security - CVE request: pyfribidi buffer overflow flaw
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74001
  FriBidi Python binding utf-8 buffer overflow CVE-2012-1176 Vulnerability Report
- https://github.com/pediapress/pyfribidi/commit/d2860c655357975e7b32d84e6b45e98f0dcecd7a
  refactor pyfribidi.c module · pediapress/pyfribidi@d2860c6 · GitHub
- https://bugzilla.wikimedia.org/show_bug.cgi?id=35055
  T37055 backtrace when getting a PDF
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075293.html
  [SECURITY] Fedora 17 Update: pyfribidi-0.11.0-1.fc17
- https://bugzilla.redhat.com/show_bug.cgi?id=801896
  801896 – (CVE-2012-1176) CVE-2012-1176 pyfribidi: buffer overflow when handling 4-byte utf-8 sequences
- http://www.securityfocus.com/bid/52451
  FriBidi Python binding (pyfribidi) Buffer Overflow Vulnerability
- https://github.com/pediapress/pyfribidi/issues/2%29:
  Issues · pediapress/pyfribidi · GitHub
- http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/aacd036037217998/8d095f85f3665bff?lnk=raot
  Bug#663189: buffer overflow in python-pyfribidi - Google Groups
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663189
  #663189 - buffer overflow in python-pyfribidi - Debian Bug report logs
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076053.html
  [SECURITY] Fedora 15 Update: pyfribidi-0.11.0-1.fc15