Vulnerability Details : CVE-2012-4551
Use-after-free vulnerability in libunity-webapps before 2.4.1 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted web site, related to "certain hash tables."
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2012-4551
- cpe:2.3:a:ps_project_management_team:libunity-webapps:*:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:0.02:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ps_project_management_team:libunity-webapps:0.2.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-4551
5.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-4551
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2012-4551
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-4551
-
http://www.ubuntu.com/usn/USN-1635-1
USN-1635-1: libunity-webapps vulnerability | Ubuntu security notices
-
https://bugs.launchpad.net/ubuntu/%2Bsource/libunity-webapps/%2Bbug/1068495
Bug #1068495 “Firefox 16.0.1 Crash Report [@ unity_webapps_avail...” : Bugs : libunity-webapps package : Ubuntu
-
http://www.openwall.com/lists/oss-security/2012/10/29/3
oss-security - Re: CVE request: use-after-free in libunity-webapps
-
http://bazaar.launchpad.net/~webapps/libunity-webapps/trunk/revision/815
~webapps/libunity-webapps/trunk : revision 815
-
http://www.securityfocus.com/bid/56314
libunity-webapps Use-After-Free Memory Corruption Vulnerability
Jump to