1. CVE-Search
  2. CVE-2012-4551
ID CVE-2012-4551
Summary Use-after-free vulnerability in libunity-webapps before 2.4.1 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted web site, related to "certain hash tables."
References
Vulnerable Configurations
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:0.02:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:0.02:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:0.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:0.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:0.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:0.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ps_project_management_team:libunity-webapps:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:ps_project_management_team:libunity-webapps:2.4.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 03-12-2012 - 05:00)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 56314
confirm http://bazaar.launchpad.net/~webapps/libunity-webapps/trunk/revision/815
misc https://bugs.launchpad.net/ubuntu/%2Bsource/libunity-webapps/%2Bbug/1068495
mlist [oss-security] 20121029 Re: CVE request: use-after-free in libunity-webapps
ubuntu USN-1635-1
Last major update 03-12-2012 - 05:00
Published 30-11-2012 - 22:55
Last modified 03-12-2012 - 05:00
Back to Top