Vulnerability Details : CVE-2012-3845
Buffer overflow in LAN Messenger 1.2.28 and earlier allows remote attackers to cause a denial of service (crash) via a long string in an initiation request.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2012-3845
- cpe:2.3:a:lan_messenger:lan_messenger1.2.28:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-3845
6.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-3845
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2012-3845
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3845
-
http://www.securityfocus.com/bid/53333
LAN Messenger Malformed Packet Remote Denial of Service VulnerabilityExploit
-
http://www.exploit-db.com/exploits/18816
LAN Messenger 1.2.28 - Denial of Service - Windows dos ExploitExploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/75319
LAN Messenger packet denial of service CVE-2012-3845 Vulnerability Report
-
http://archives.neohapsis.com/archives/bugtraq/2012-05/0005.html
Jump to