Novell Home

CVE-2012-0065

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-0065 at MITRE

Description

Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list.

NVD CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 742546

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP2 DEBUGINFO
  • usbmuxd-debuginfo >= 1.0.7-5.10.1
  • usbmuxd-debugsource >= 1.0.7-5.10.1
 sled11-sp2.x86-64
sled11-sp2.x86
SAT Patch Nr: 5871
SUSE Linux Enterprise Desktop 11 SP2
  • usbmuxd >= 1.0.7-5.10.1
 sled11-sp2.x86-64
sled11-sp2.x86
SAT Patch Nr: 5871
openSUSE 11.4 DEBUGINFO
  • iproxy-debuginfo >= 1.0.7-3.5.1
  • libusbmuxd1-debuginfo >= 1.0.7-3.5.1
  • usbmuxd-debuginfo >= 1.0.7-3.5.1
  • usbmuxd-debugsource >= 1.0.7-3.5.1
openSUSE 11.4
  • iproxy >= 1.0.7-3.5.1
  • libusbmuxd-devel >= 1.0.7-3.5.1
  • libusbmuxd1 >= 1.0.7-3.5.1
  • usbmuxd >= 1.0.7-3.5.1

© 2013 Novell