Apache : Security Vulnerabilities, CVEs, Published In March 2013 (Denial of service)

CVE-2012-4460

The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.
Max CVSS
5.0
EPSS Score
0.65%
Published
2013-03-14
Updated
2023-02-13

CVE-2012-4459

Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
Max CVSS
5.0
EPSS Score
1.14%
Published
2013-03-14
Updated
2013-03-19

CVE-2012-4458

The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
Max CVSS
5.0
EPSS Score
1.14%
Published
2013-03-14
Updated
2013-03-19
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close