1. CVE-Search
  2. CVE-2012-2192
ID CVE-2012-2192
Summary The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list.
References
Vulnerable Configurations
  • cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:vios:2.2.1.4:fp-25_sp-02:*:*:*:*:*:*
    cpe:2.3:a:ibm:vios:2.2.1.4:fp-25_sp-02:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 31-08-2021 - 15:43)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
refmap via4
aixapar
  • IV16603
  • IV19178
  • IV21128
  • IV21131
  • IV21235
bid 53567
confirm http://aix.software.ibm.com/aix/efixes/security/socket_advisory.asc
sectrack 1027126
xf aix-socketpair-dos(76032)
Last major update 31-08-2021 - 15:43
Published 20-06-2012 - 10:27
Last modified 31-08-2021 - 15:43
Back to Top