Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2012-3368

Date: July 3, 2012

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

Severity Score

Related Resources (10)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302
https://bugzilla.redhat.com/show_bug.cgi?id=835849
https://security-tracker.debian.org/tracker/CVE-2012-3368
https://bugzilla.redhat.com/show_bug.cgi?id=812551
http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812
http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357
https://nvd.nist.gov/vuln/detail/CVE-2012-3368
https://access.redhat.com/security/cve/CVE-2012-3368
https://people.canonical.com/~ubuntu-security/cve/CVE-2012-3368
https://www.mend.io/vulnerability-database/CVE-2012-3368

Severity Score

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us