Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for storage_for_public_cloud by redhat

    CVE-2012-4406 (GCVE-0-2012-4406)

    Vulnerability from nvd – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
    VLAI
    Summary
    OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-06-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:35:09.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/openstack/swift/commit/e1ff51c04554d51616d2845f92ab726cb0e5831a"
              },
              {
                "name": "55420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55420"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/swift/+milestone/1.7.0"
              },
              {
                "name": "RHSA-2012:1379",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1379.html"
              },
              {
                "name": "openstack-swift-loads-code-exec(79140)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79140"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/swift/+bug/1006414"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854757"
              },
              {
                "name": "[oss-security] 20120905 CVE-Request: openstack pickle de-serialization",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/05/4"
              },
              {
                "name": "FEDORA-2012-15098",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089472.html"
              },
              {
                "name": "RHSA-2013:0691",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-0691.html"
              },
              {
                "name": "[oss-security] 20120905 Re: CVE-Request: openstack pickle de-serialization",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/05/16"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-06-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/openstack/swift/commit/e1ff51c04554d51616d2845f92ab726cb0e5831a"
            },
            {
              "name": "55420",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55420"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/swift/+milestone/1.7.0"
            },
            {
              "name": "RHSA-2012:1379",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1379.html"
            },
            {
              "name": "openstack-swift-loads-code-exec(79140)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79140"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/swift/+bug/1006414"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854757"
            },
            {
              "name": "[oss-security] 20120905 CVE-Request: openstack pickle de-serialization",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/05/4"
            },
            {
              "name": "FEDORA-2012-15098",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089472.html"
            },
            {
              "name": "RHSA-2013:0691",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0691.html"
            },
            {
              "name": "[oss-security] 20120905 Re: CVE-Request: openstack pickle de-serialization",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/05/16"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-4406",
        "datePublished": "2012-10-22T23:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:35:09.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-0037 (GCVE-0-2012-0037)

    Vulnerability from nvd – Published: 2012-06-17 01:00 – Updated: 2024-08-06 18:09
    VLAI
    Summary
    Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/60799 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/48526 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/48479 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20140… vendor-advisoryx_refsource_GENTOO
    http://security.gentoo.org/glsa/glsa-201209-05.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/48494 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1026837 vdb-entryx_refsource_SECTRACK
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/52681 vdb-entryx_refsource_BID
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/48529 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/80307 vdb-entryx_refsource_OSVDB
    http://rhn.redhat.com/errata/RHSA-2012-0410.html vendor-advisoryx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2012/03/27/4 mailing-listx_refsource_MLIST
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/48542 third-party-advisoryx_refsource_SECUNIA
    http://www.libreoffice.org/advisories/CVE-2012-0037/ x_refsource_CONFIRM
    http://vsecurity.com/resources/advisory/20120324-1/ x_refsource_MISC
    http://secunia.com/advisories/50692 third-party-advisoryx_refsource_SECUNIA
    http://blog.documentfoundation.org/2012/03/22/tdf… x_refsource_CONFIRM
    http://secunia.com/advisories/48649 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2012/dsa-2438 vendor-advisoryx_refsource_DEBIAN
    http://rhn.redhat.com/errata/RHSA-2012-0411.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/48493 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.openoffice.org/security/cves/CVE-2012-… x_refsource_CONFIRM
    http://librdf.org/raptor/RELEASE.html#rel2_0_7 x_refsource_CONFIRM
    https://github.com/dajobe/raptor/commit/a676f2353… x_refsource_CONFIRM
    https://lists.apache.org/thread.html/re0504f08000… mailing-listx_refsource_MLIST
    Date Public
    2012-01-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:09:17.171Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "60799",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60799"
              },
              {
                "name": "48526",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48526"
              },
              {
                "name": "48479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48479"
              },
              {
                "name": "GLSA-201408-19",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
              },
              {
                "name": "GLSA-201209-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml"
              },
              {
                "name": "48494",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48494"
              },
              {
                "name": "1026837",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026837"
              },
              {
                "name": "MDVSA-2012:061",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061"
              },
              {
                "name": "52681",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52681"
              },
              {
                "name": "FEDORA-2012-4663",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html"
              },
              {
                "name": "48529",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48529"
              },
              {
                "name": "80307",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/80307"
              },
              {
                "name": "RHSA-2012:0410",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html"
              },
              {
                "name": "[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation  (Multiple office products affected)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4"
              },
              {
                "name": "MDVSA-2012:062",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062"
              },
              {
                "name": "48542",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48542"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://vsecurity.com/resources/advisory/20120324-1/"
              },
              {
                "name": "50692",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50692"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/"
              },
              {
                "name": "48649",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48649"
              },
              {
                "name": "openoffice-xml-info-disclosure(74235)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235"
              },
              {
                "name": "DSA-2438",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2012/dsa-2438"
              },
              {
                "name": "RHSA-2012:0411",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html"
              },
              {
                "name": "48493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48493"
              },
              {
                "name": "FEDORA-2012-4629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html"
              },
              {
                "name": "MDVSA-2012:063",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0"
              },
              {
                "name": "[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-01-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-05T13:06:05.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "60799",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60799"
            },
            {
              "name": "48526",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48526"
            },
            {
              "name": "48479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48479"
            },
            {
              "name": "GLSA-201408-19",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
            },
            {
              "name": "GLSA-201209-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml"
            },
            {
              "name": "48494",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48494"
            },
            {
              "name": "1026837",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026837"
            },
            {
              "name": "MDVSA-2012:061",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061"
            },
            {
              "name": "52681",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/52681"
            },
            {
              "name": "FEDORA-2012-4663",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html"
            },
            {
              "name": "48529",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48529"
            },
            {
              "name": "80307",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/80307"
            },
            {
              "name": "RHSA-2012:0410",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html"
            },
            {
              "name": "[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation  (Multiple office products affected)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4"
            },
            {
              "name": "MDVSA-2012:062",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062"
            },
            {
              "name": "48542",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48542"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://vsecurity.com/resources/advisory/20120324-1/"
            },
            {
              "name": "50692",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50692"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/"
            },
            {
              "name": "48649",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48649"
            },
            {
              "name": "openoffice-xml-info-disclosure(74235)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235"
            },
            {
              "name": "DSA-2438",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2012/dsa-2438"
            },
            {
              "name": "RHSA-2012:0411",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html"
            },
            {
              "name": "48493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48493"
            },
            {
              "name": "FEDORA-2012-4629",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html"
            },
            {
              "name": "MDVSA-2012:063",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0"
            },
            {
              "name": "[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-0037",
        "datePublished": "2012-06-17T01:00:00.000Z",
        "dateReserved": "2011-12-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:09:17.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-1823 (GCVE-0-2012-1823)

    Vulnerability from nvd – Published: 2012-05-11 10:00 – Updated: 2025-11-04 17:11
    VLAI CISA KEVIntel
    Summary
    sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=134012830914727&w=2 vendor-advisory
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisory
    http://www.securitytracker.com/id?1027022 vdb-entry
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisory
    http://www.mandriva.com/security/advisories?name=… vendor-advisory
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0546.html vendor-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0568.html vendor-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0569.html vendor-advisory
    http://www.php.net/ChangeLog-5.php#5.4.2
    http://secunia.com/advisories/49014 third-party-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0570.html vendor-advisory
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisory
    https://bugs.php.net/bug.php?id=61910
    http://www.kb.cert.org/vuls/id/673343 third-party-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0547.html vendor-advisory
    http://lists.apple.com/archives/security-announce… vendor-advisory
    http://support.apple.com/kb/HT5501
    http://eindbazen.net/2012/05/php-cgi-advisory-cve…
    http://secunia.com/advisories/49065 third-party-advisory
    http://www.kb.cert.org/vuls/id/520827 third-party-advisory
    https://bugs.php.net/patch-display.php?bug_id=619…
    http://www.debian.org/security/2012/dsa-2465 vendor-advisory
    http://secunia.com/advisories/49085 third-party-advisory
    http://www.php.net/archive/2012.php#id2012-05-03-1
    http://secunia.com/advisories/49087 third-party-advisory
    http://www.openwall.com/lists/oss-security/2024/06/07/1 mailing-list
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
    https://lists.fedoraproject.org/archives/list/pac…
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    Date Public
    2012-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T17:11:54.860Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT100856",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
              },
              {
                "name": "SUSE-SU-2012:0604",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
              },
              {
                "name": "1027022",
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1027022"
              },
              {
                "name": "HPSBMU02786",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
              },
              {
                "name": "MDVSA-2012:068",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"
              },
              {
                "name": "openSUSE-SU-2012:0590",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
              },
              {
                "name": "RHSA-2012:0546",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"
              },
              {
                "name": "RHSA-2012:0568",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"
              },
              {
                "name": "RHSA-2012:0569",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.php.net/ChangeLog-5.php#5.4.2"
              },
              {
                "name": "49014",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49014"
              },
              {
                "name": "RHSA-2012:0570",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"
              },
              {
                "name": "SUSE-SU-2012:0598",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugs.php.net/bug.php?id=61910"
              },
              {
                "name": "VU#673343",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/673343"
              },
              {
                "name": "RHSA-2012:0547",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"
              },
              {
                "name": "APPLE-SA-2012-09-19-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT5501"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
              },
              {
                "name": "49065",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49065"
              },
              {
                "name": "VU#520827",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/520827"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugs.php.net/patch-display.php?bug_id=61910\u0026patch=cgi.diff\u0026revision=1335984315\u0026display=1"
              },
              {
                "name": "SSRT100877",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
              },
              {
                "name": "HPSBUX02791",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
              },
              {
                "name": "DSA-2465",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2012/dsa-2465"
              },
              {
                "name": "49085",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49085"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.php.net/archive/2012.php#id2012-05-03-1"
              },
              {
                "name": "49087",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49087"
              },
              {
                "name": "[oss-security] 20240606 PHP security releases 8.3.8, 8.2.20, and 8.1.29",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
              },
              {
                "name": "FEDORA-2024-49aba7b305",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
              },
              {
                "name": "FEDORA-2024-52c23ef1ec",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2012-1823",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T13:10:55.600294Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-03-25",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1823"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-22T00:05:47.580Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1823"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-03-25T00:00:00.000Z",
                "value": "CVE-2012-1823 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the \u0027d\u0027 case."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-13T04:06:14.603Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "SSRT100856",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
            },
            {
              "name": "SUSE-SU-2012:0604",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
            },
            {
              "name": "1027022",
              "tags": [
                "vdb-entry"
              ],
              "url": "http://www.securitytracker.com/id?1027022"
            },
            {
              "name": "HPSBMU02786",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "MDVSA-2012:068",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"
            },
            {
              "name": "openSUSE-SU-2012:0590",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
            },
            {
              "name": "RHSA-2012:0546",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"
            },
            {
              "name": "RHSA-2012:0568",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"
            },
            {
              "name": "RHSA-2012:0569",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"
            },
            {
              "url": "http://www.php.net/ChangeLog-5.php#5.4.2"
            },
            {
              "name": "49014",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49014"
            },
            {
              "name": "RHSA-2012:0570",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"
            },
            {
              "name": "SUSE-SU-2012:0598",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
            },
            {
              "url": "https://bugs.php.net/bug.php?id=61910"
            },
            {
              "name": "VU#673343",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://www.kb.cert.org/vuls/id/673343"
            },
            {
              "name": "RHSA-2012:0547",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"
            },
            {
              "name": "APPLE-SA-2012-09-19-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
            },
            {
              "url": "http://support.apple.com/kb/HT5501"
            },
            {
              "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
            },
            {
              "name": "49065",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49065"
            },
            {
              "name": "VU#520827",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://www.kb.cert.org/vuls/id/520827"
            },
            {
              "url": "https://bugs.php.net/patch-display.php?bug_id=61910\u0026patch=cgi.diff\u0026revision=1335984315\u0026display=1"
            },
            {
              "name": "SSRT100877",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "HPSBUX02791",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
            },
            {
              "name": "DSA-2465",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://www.debian.org/security/2012/dsa-2465"
            },
            {
              "name": "49085",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49085"
            },
            {
              "url": "http://www.php.net/archive/2012.php#id2012-05-03-1"
            },
            {
              "name": "49087",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49087"
            },
            {
              "name": "[oss-security] 20240606 PHP security releases 8.3.8, 8.2.20, and 8.1.29",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
            },
            {
              "name": "FEDORA-2024-49aba7b305",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
            },
            {
              "name": "FEDORA-2024-52c23ef1ec",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2012-1823",
        "datePublished": "2012-05-11T10:00:00.000Z",
        "dateReserved": "2012-03-21T00:00:00.000Z",
        "dateUpdated": "2025-11-04T17:11:54.860Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2011-3045 (GCVE-0-2011-3045)

    Vulnerability from nvd – Published: 2012-03-22 16:00 – Updated: 2025-06-09 15:35
    VLAI
    Summary
    Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-195 - Signed to Unsigned Conversion Error
    Assigner
    References
    URL Tags
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/49660 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2012-0407.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2012/dsa-2439 vendor-advisoryx_refsource_DEBIAN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/48320 third-party-advisoryx_refsource_SECUNIA
    http://src.chromium.org/viewvc/chrome?view=rev&re… x_refsource_CONFIRM
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://security.gentoo.org/glsa/glsa-201206-15.xml vendor-advisoryx_refsource_GENTOO
    http://rhn.redhat.com/errata/RHSA-2012-0488.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=799000 x_refsource_CONFIRM
    http://secunia.com/advisories/48485 third-party-advisoryx_refsource_SECUNIA
    http://googlechromereleases.blogspot.com/2012/03/… x_refsource_CONFIRM
    http://libpng.git.sourceforge.net/git/gitweb.cgi?… x_refsource_CONFIRM
    http://secunia.com/advisories/48554 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-updates/2012-0… vendor-advisoryx_refsource_SUSE
    http://code.google.com/p/chromium/issues/detail?i… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1026823 vdb-entryx_refsource_SECTRACK
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/48512 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2012-03-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:22:27.386Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2012-3545",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html"
              },
              {
                "name": "49660",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49660"
              },
              {
                "name": "RHSA-2012:0407",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0407.html"
              },
              {
                "name": "MDVSA-2012:033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:033"
              },
              {
                "name": "FEDORA-2012-3507",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html"
              },
              {
                "name": "DSA-2439",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2012/dsa-2439"
              },
              {
                "name": "FEDORA-2012-3605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html"
              },
              {
                "name": "48320",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48320"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311"
              },
              {
                "name": "FEDORA-2012-3739",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html"
              },
              {
                "name": "FEDORA-2012-3536",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html"
              },
              {
                "name": "openSUSE-SU-2012:0466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html"
              },
              {
                "name": "GLSA-201206-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
              },
              {
                "name": "RHSA-2012:0488",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
              },
              {
                "name": "oval:org.mitre.oval:def:14763",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799000"
              },
              {
                "name": "48485",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48485"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b"
              },
              {
                "name": "48554",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48554"
              },
              {
                "name": "openSUSE-SU-2012:0432",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://code.google.com/p/chromium/issues/detail?id=116162"
              },
              {
                "name": "1026823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026823"
              },
              {
                "name": "FEDORA-2012-3705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html"
              },
              {
                "name": "48512",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48512"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2011-3045",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-09T15:35:38.664911Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-195",
                    "description": "CWE-195 Signed to Unsigned Conversion Error",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-09T15:35:52.219Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-03-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-09T17:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2012-3545",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html"
            },
            {
              "name": "49660",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/49660"
            },
            {
              "name": "RHSA-2012:0407",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0407.html"
            },
            {
              "name": "MDVSA-2012:033",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:033"
            },
            {
              "name": "FEDORA-2012-3507",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html"
            },
            {
              "name": "DSA-2439",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2012/dsa-2439"
            },
            {
              "name": "FEDORA-2012-3605",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html"
            },
            {
              "name": "48320",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48320"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311"
            },
            {
              "name": "FEDORA-2012-3739",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html"
            },
            {
              "name": "FEDORA-2012-3536",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html"
            },
            {
              "name": "openSUSE-SU-2012:0466",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html"
            },
            {
              "name": "GLSA-201206-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
            },
            {
              "name": "RHSA-2012:0488",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
            },
            {
              "name": "oval:org.mitre.oval:def:14763",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799000"
            },
            {
              "name": "48485",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48485"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b"
            },
            {
              "name": "48554",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48554"
            },
            {
              "name": "openSUSE-SU-2012:0432",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://code.google.com/p/chromium/issues/detail?id=116162"
            },
            {
              "name": "1026823",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026823"
            },
            {
              "name": "FEDORA-2012-3705",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html"
            },
            {
              "name": "48512",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48512"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3045",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2012-3545",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html"
                },
                {
                  "name": "49660",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/49660"
                },
                {
                  "name": "RHSA-2012:0407",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-0407.html"
                },
                {
                  "name": "MDVSA-2012:033",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:033"
                },
                {
                  "name": "FEDORA-2012-3507",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html"
                },
                {
                  "name": "DSA-2439",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2012/dsa-2439"
                },
                {
                  "name": "FEDORA-2012-3605",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html"
                },
                {
                  "name": "48320",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48320"
                },
                {
                  "name": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311",
                  "refsource": "CONFIRM",
                  "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311"
                },
                {
                  "name": "FEDORA-2012-3739",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html"
                },
                {
                  "name": "FEDORA-2012-3536",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html"
                },
                {
                  "name": "openSUSE-SU-2012:0466",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html"
                },
                {
                  "name": "GLSA-201206-15",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
                },
                {
                  "name": "RHSA-2012:0488",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:14763",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=799000",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799000"
                },
                {
                  "name": "48485",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48485"
                },
                {
                  "name": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html",
                  "refsource": "CONFIRM",
                  "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
                },
                {
                  "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b",
                  "refsource": "CONFIRM",
                  "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b"
                },
                {
                  "name": "48554",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48554"
                },
                {
                  "name": "openSUSE-SU-2012:0432",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html"
                },
                {
                  "name": "http://code.google.com/p/chromium/issues/detail?id=116162",
                  "refsource": "CONFIRM",
                  "url": "http://code.google.com/p/chromium/issues/detail?id=116162"
                },
                {
                  "name": "1026823",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026823"
                },
                {
                  "name": "FEDORA-2012-3705",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html"
                },
                {
                  "name": "48512",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48512"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3045",
        "datePublished": "2012-03-22T16:00:00.000Z",
        "dateReserved": "2011-08-09T00:00:00.000Z",
        "dateUpdated": "2025-06-09T15:35:52.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-4406 (GCVE-0-2012-4406)

    Vulnerability from cvelistv5 – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
    VLAI
    Summary
    OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-06-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:35:09.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/openstack/swift/commit/e1ff51c04554d51616d2845f92ab726cb0e5831a"
              },
              {
                "name": "55420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55420"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/swift/+milestone/1.7.0"
              },
              {
                "name": "RHSA-2012:1379",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1379.html"
              },
              {
                "name": "openstack-swift-loads-code-exec(79140)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79140"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/swift/+bug/1006414"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854757"
              },
              {
                "name": "[oss-security] 20120905 CVE-Request: openstack pickle de-serialization",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/05/4"
              },
              {
                "name": "FEDORA-2012-15098",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089472.html"
              },
              {
                "name": "RHSA-2013:0691",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-0691.html"
              },
              {
                "name": "[oss-security] 20120905 Re: CVE-Request: openstack pickle de-serialization",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/05/16"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-06-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/openstack/swift/commit/e1ff51c04554d51616d2845f92ab726cb0e5831a"
            },
            {
              "name": "55420",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55420"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/swift/+milestone/1.7.0"
            },
            {
              "name": "RHSA-2012:1379",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1379.html"
            },
            {
              "name": "openstack-swift-loads-code-exec(79140)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79140"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/swift/+bug/1006414"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854757"
            },
            {
              "name": "[oss-security] 20120905 CVE-Request: openstack pickle de-serialization",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/05/4"
            },
            {
              "name": "FEDORA-2012-15098",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089472.html"
            },
            {
              "name": "RHSA-2013:0691",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0691.html"
            },
            {
              "name": "[oss-security] 20120905 Re: CVE-Request: openstack pickle de-serialization",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/05/16"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-4406",
        "datePublished": "2012-10-22T23:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:35:09.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-0037 (GCVE-0-2012-0037)

    Vulnerability from cvelistv5 – Published: 2012-06-17 01:00 – Updated: 2024-08-06 18:09
    VLAI
    Summary
    Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/60799 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/48526 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/48479 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20140… vendor-advisoryx_refsource_GENTOO
    http://security.gentoo.org/glsa/glsa-201209-05.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/48494 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1026837 vdb-entryx_refsource_SECTRACK
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/52681 vdb-entryx_refsource_BID
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/48529 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/80307 vdb-entryx_refsource_OSVDB
    http://rhn.redhat.com/errata/RHSA-2012-0410.html vendor-advisoryx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2012/03/27/4 mailing-listx_refsource_MLIST
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/48542 third-party-advisoryx_refsource_SECUNIA
    http://www.libreoffice.org/advisories/CVE-2012-0037/ x_refsource_CONFIRM
    http://vsecurity.com/resources/advisory/20120324-1/ x_refsource_MISC
    http://secunia.com/advisories/50692 third-party-advisoryx_refsource_SECUNIA
    http://blog.documentfoundation.org/2012/03/22/tdf… x_refsource_CONFIRM
    http://secunia.com/advisories/48649 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2012/dsa-2438 vendor-advisoryx_refsource_DEBIAN
    http://rhn.redhat.com/errata/RHSA-2012-0411.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/48493 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.openoffice.org/security/cves/CVE-2012-… x_refsource_CONFIRM
    http://librdf.org/raptor/RELEASE.html#rel2_0_7 x_refsource_CONFIRM
    https://github.com/dajobe/raptor/commit/a676f2353… x_refsource_CONFIRM
    https://lists.apache.org/thread.html/re0504f08000… mailing-listx_refsource_MLIST
    Date Public
    2012-01-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:09:17.171Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "60799",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60799"
              },
              {
                "name": "48526",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48526"
              },
              {
                "name": "48479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48479"
              },
              {
                "name": "GLSA-201408-19",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
              },
              {
                "name": "GLSA-201209-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml"
              },
              {
                "name": "48494",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48494"
              },
              {
                "name": "1026837",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026837"
              },
              {
                "name": "MDVSA-2012:061",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061"
              },
              {
                "name": "52681",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52681"
              },
              {
                "name": "FEDORA-2012-4663",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html"
              },
              {
                "name": "48529",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48529"
              },
              {
                "name": "80307",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/80307"
              },
              {
                "name": "RHSA-2012:0410",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html"
              },
              {
                "name": "[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation  (Multiple office products affected)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4"
              },
              {
                "name": "MDVSA-2012:062",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062"
              },
              {
                "name": "48542",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48542"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://vsecurity.com/resources/advisory/20120324-1/"
              },
              {
                "name": "50692",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50692"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/"
              },
              {
                "name": "48649",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48649"
              },
              {
                "name": "openoffice-xml-info-disclosure(74235)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235"
              },
              {
                "name": "DSA-2438",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2012/dsa-2438"
              },
              {
                "name": "RHSA-2012:0411",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html"
              },
              {
                "name": "48493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48493"
              },
              {
                "name": "FEDORA-2012-4629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html"
              },
              {
                "name": "MDVSA-2012:063",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0"
              },
              {
                "name": "[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-01-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-05T13:06:05.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "60799",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60799"
            },
            {
              "name": "48526",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48526"
            },
            {
              "name": "48479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48479"
            },
            {
              "name": "GLSA-201408-19",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
            },
            {
              "name": "GLSA-201209-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml"
            },
            {
              "name": "48494",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48494"
            },
            {
              "name": "1026837",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026837"
            },
            {
              "name": "MDVSA-2012:061",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061"
            },
            {
              "name": "52681",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/52681"
            },
            {
              "name": "FEDORA-2012-4663",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html"
            },
            {
              "name": "48529",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48529"
            },
            {
              "name": "80307",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/80307"
            },
            {
              "name": "RHSA-2012:0410",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html"
            },
            {
              "name": "[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation  (Multiple office products affected)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4"
            },
            {
              "name": "MDVSA-2012:062",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062"
            },
            {
              "name": "48542",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48542"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://vsecurity.com/resources/advisory/20120324-1/"
            },
            {
              "name": "50692",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50692"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/"
            },
            {
              "name": "48649",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48649"
            },
            {
              "name": "openoffice-xml-info-disclosure(74235)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235"
            },
            {
              "name": "DSA-2438",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2012/dsa-2438"
            },
            {
              "name": "RHSA-2012:0411",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html"
            },
            {
              "name": "48493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48493"
            },
            {
              "name": "FEDORA-2012-4629",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html"
            },
            {
              "name": "MDVSA-2012:063",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0"
            },
            {
              "name": "[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-0037",
        "datePublished": "2012-06-17T01:00:00.000Z",
        "dateReserved": "2011-12-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:09:17.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-1823 (GCVE-0-2012-1823)

    Vulnerability from cvelistv5 – Published: 2012-05-11 10:00 – Updated: 2025-11-04 17:11
    VLAI CISA KEVIntel
    Summary
    sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=134012830914727&w=2 vendor-advisory
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisory
    http://www.securitytracker.com/id?1027022 vdb-entry
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisory
    http://www.mandriva.com/security/advisories?name=… vendor-advisory
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0546.html vendor-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0568.html vendor-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0569.html vendor-advisory
    http://www.php.net/ChangeLog-5.php#5.4.2
    http://secunia.com/advisories/49014 third-party-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0570.html vendor-advisory
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisory
    https://bugs.php.net/bug.php?id=61910
    http://www.kb.cert.org/vuls/id/673343 third-party-advisory
    http://rhn.redhat.com/errata/RHSA-2012-0547.html vendor-advisory
    http://lists.apple.com/archives/security-announce… vendor-advisory
    http://support.apple.com/kb/HT5501
    http://eindbazen.net/2012/05/php-cgi-advisory-cve…
    http://secunia.com/advisories/49065 third-party-advisory
    http://www.kb.cert.org/vuls/id/520827 third-party-advisory
    https://bugs.php.net/patch-display.php?bug_id=619…
    http://www.debian.org/security/2012/dsa-2465 vendor-advisory
    http://secunia.com/advisories/49085 third-party-advisory
    http://www.php.net/archive/2012.php#id2012-05-03-1
    http://secunia.com/advisories/49087 third-party-advisory
    http://www.openwall.com/lists/oss-security/2024/06/07/1 mailing-list
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
    https://lists.fedoraproject.org/archives/list/pac…
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    Date Public
    2012-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T17:11:54.860Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT100856",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
              },
              {
                "name": "SUSE-SU-2012:0604",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
              },
              {
                "name": "1027022",
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1027022"
              },
              {
                "name": "HPSBMU02786",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
              },
              {
                "name": "MDVSA-2012:068",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"
              },
              {
                "name": "openSUSE-SU-2012:0590",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
              },
              {
                "name": "RHSA-2012:0546",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"
              },
              {
                "name": "RHSA-2012:0568",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"
              },
              {
                "name": "RHSA-2012:0569",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.php.net/ChangeLog-5.php#5.4.2"
              },
              {
                "name": "49014",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49014"
              },
              {
                "name": "RHSA-2012:0570",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"
              },
              {
                "name": "SUSE-SU-2012:0598",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugs.php.net/bug.php?id=61910"
              },
              {
                "name": "VU#673343",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/673343"
              },
              {
                "name": "RHSA-2012:0547",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"
              },
              {
                "name": "APPLE-SA-2012-09-19-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT5501"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
              },
              {
                "name": "49065",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49065"
              },
              {
                "name": "VU#520827",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/520827"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugs.php.net/patch-display.php?bug_id=61910\u0026patch=cgi.diff\u0026revision=1335984315\u0026display=1"
              },
              {
                "name": "SSRT100877",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
              },
              {
                "name": "HPSBUX02791",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
              },
              {
                "name": "DSA-2465",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2012/dsa-2465"
              },
              {
                "name": "49085",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49085"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.php.net/archive/2012.php#id2012-05-03-1"
              },
              {
                "name": "49087",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49087"
              },
              {
                "name": "[oss-security] 20240606 PHP security releases 8.3.8, 8.2.20, and 8.1.29",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
              },
              {
                "name": "FEDORA-2024-49aba7b305",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
              },
              {
                "name": "FEDORA-2024-52c23ef1ec",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2012-1823",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T13:10:55.600294Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-03-25",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1823"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-22T00:05:47.580Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1823"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-03-25T00:00:00.000Z",
                "value": "CVE-2012-1823 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the \u0027d\u0027 case."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-13T04:06:14.603Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "SSRT100856",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
            },
            {
              "name": "SUSE-SU-2012:0604",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
            },
            {
              "name": "1027022",
              "tags": [
                "vdb-entry"
              ],
              "url": "http://www.securitytracker.com/id?1027022"
            },
            {
              "name": "HPSBMU02786",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "MDVSA-2012:068",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"
            },
            {
              "name": "openSUSE-SU-2012:0590",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
            },
            {
              "name": "RHSA-2012:0546",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"
            },
            {
              "name": "RHSA-2012:0568",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"
            },
            {
              "name": "RHSA-2012:0569",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"
            },
            {
              "url": "http://www.php.net/ChangeLog-5.php#5.4.2"
            },
            {
              "name": "49014",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49014"
            },
            {
              "name": "RHSA-2012:0570",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"
            },
            {
              "name": "SUSE-SU-2012:0598",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
            },
            {
              "url": "https://bugs.php.net/bug.php?id=61910"
            },
            {
              "name": "VU#673343",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://www.kb.cert.org/vuls/id/673343"
            },
            {
              "name": "RHSA-2012:0547",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"
            },
            {
              "name": "APPLE-SA-2012-09-19-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
            },
            {
              "url": "http://support.apple.com/kb/HT5501"
            },
            {
              "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
            },
            {
              "name": "49065",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49065"
            },
            {
              "name": "VU#520827",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://www.kb.cert.org/vuls/id/520827"
            },
            {
              "url": "https://bugs.php.net/patch-display.php?bug_id=61910\u0026patch=cgi.diff\u0026revision=1335984315\u0026display=1"
            },
            {
              "name": "SSRT100877",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "HPSBUX02791",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
            },
            {
              "name": "DSA-2465",
              "tags": [
                "vendor-advisory"
              ],
              "url": "http://www.debian.org/security/2012/dsa-2465"
            },
            {
              "name": "49085",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49085"
            },
            {
              "url": "http://www.php.net/archive/2012.php#id2012-05-03-1"
            },
            {
              "name": "49087",
              "tags": [
                "third-party-advisory"
              ],
              "url": "http://secunia.com/advisories/49087"
            },
            {
              "name": "[oss-security] 20240606 PHP security releases 8.3.8, 8.2.20, and 8.1.29",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
            },
            {
              "name": "FEDORA-2024-49aba7b305",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
            },
            {
              "name": "FEDORA-2024-52c23ef1ec",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2012-1823",
        "datePublished": "2012-05-11T10:00:00.000Z",
        "dateReserved": "2012-03-21T00:00:00.000Z",
        "dateUpdated": "2025-11-04T17:11:54.860Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2011-3045 (GCVE-0-2011-3045)

    Vulnerability from cvelistv5 – Published: 2012-03-22 16:00 – Updated: 2025-06-09 15:35
    VLAI
    Summary
    Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-195 - Signed to Unsigned Conversion Error
    Assigner
    References
    URL Tags
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/49660 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2012-0407.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2012/dsa-2439 vendor-advisoryx_refsource_DEBIAN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/48320 third-party-advisoryx_refsource_SECUNIA
    http://src.chromium.org/viewvc/chrome?view=rev&re… x_refsource_CONFIRM
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://security.gentoo.org/glsa/glsa-201206-15.xml vendor-advisoryx_refsource_GENTOO
    http://rhn.redhat.com/errata/RHSA-2012-0488.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=799000 x_refsource_CONFIRM
    http://secunia.com/advisories/48485 third-party-advisoryx_refsource_SECUNIA
    http://googlechromereleases.blogspot.com/2012/03/… x_refsource_CONFIRM
    http://libpng.git.sourceforge.net/git/gitweb.cgi?… x_refsource_CONFIRM
    http://secunia.com/advisories/48554 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-updates/2012-0… vendor-advisoryx_refsource_SUSE
    http://code.google.com/p/chromium/issues/detail?i… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1026823 vdb-entryx_refsource_SECTRACK
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/48512 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2012-03-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:22:27.386Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2012-3545",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html"
              },
              {
                "name": "49660",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49660"
              },
              {
                "name": "RHSA-2012:0407",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0407.html"
              },
              {
                "name": "MDVSA-2012:033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:033"
              },
              {
                "name": "FEDORA-2012-3507",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html"
              },
              {
                "name": "DSA-2439",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2012/dsa-2439"
              },
              {
                "name": "FEDORA-2012-3605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html"
              },
              {
                "name": "48320",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48320"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311"
              },
              {
                "name": "FEDORA-2012-3739",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html"
              },
              {
                "name": "FEDORA-2012-3536",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html"
              },
              {
                "name": "openSUSE-SU-2012:0466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html"
              },
              {
                "name": "GLSA-201206-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
              },
              {
                "name": "RHSA-2012:0488",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
              },
              {
                "name": "oval:org.mitre.oval:def:14763",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799000"
              },
              {
                "name": "48485",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48485"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b"
              },
              {
                "name": "48554",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48554"
              },
              {
                "name": "openSUSE-SU-2012:0432",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://code.google.com/p/chromium/issues/detail?id=116162"
              },
              {
                "name": "1026823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026823"
              },
              {
                "name": "FEDORA-2012-3705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html"
              },
              {
                "name": "48512",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48512"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2011-3045",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-09T15:35:38.664911Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-195",
                    "description": "CWE-195 Signed to Unsigned Conversion Error",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-09T15:35:52.219Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-03-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-09T17:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2012-3545",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html"
            },
            {
              "name": "49660",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/49660"
            },
            {
              "name": "RHSA-2012:0407",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0407.html"
            },
            {
              "name": "MDVSA-2012:033",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:033"
            },
            {
              "name": "FEDORA-2012-3507",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html"
            },
            {
              "name": "DSA-2439",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2012/dsa-2439"
            },
            {
              "name": "FEDORA-2012-3605",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html"
            },
            {
              "name": "48320",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48320"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311"
            },
            {
              "name": "FEDORA-2012-3739",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html"
            },
            {
              "name": "FEDORA-2012-3536",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html"
            },
            {
              "name": "openSUSE-SU-2012:0466",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html"
            },
            {
              "name": "GLSA-201206-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
            },
            {
              "name": "RHSA-2012:0488",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
            },
            {
              "name": "oval:org.mitre.oval:def:14763",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799000"
            },
            {
              "name": "48485",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48485"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b"
            },
            {
              "name": "48554",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48554"
            },
            {
              "name": "openSUSE-SU-2012:0432",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://code.google.com/p/chromium/issues/detail?id=116162"
            },
            {
              "name": "1026823",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026823"
            },
            {
              "name": "FEDORA-2012-3705",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html"
            },
            {
              "name": "48512",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48512"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3045",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2012-3545",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html"
                },
                {
                  "name": "49660",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/49660"
                },
                {
                  "name": "RHSA-2012:0407",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-0407.html"
                },
                {
                  "name": "MDVSA-2012:033",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:033"
                },
                {
                  "name": "FEDORA-2012-3507",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html"
                },
                {
                  "name": "DSA-2439",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2012/dsa-2439"
                },
                {
                  "name": "FEDORA-2012-3605",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html"
                },
                {
                  "name": "48320",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48320"
                },
                {
                  "name": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311",
                  "refsource": "CONFIRM",
                  "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=125311"
                },
                {
                  "name": "FEDORA-2012-3739",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html"
                },
                {
                  "name": "FEDORA-2012-3536",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html"
                },
                {
                  "name": "openSUSE-SU-2012:0466",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html"
                },
                {
                  "name": "GLSA-201206-15",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
                },
                {
                  "name": "RHSA-2012:0488",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:14763",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=799000",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799000"
                },
                {
                  "name": "48485",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48485"
                },
                {
                  "name": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html",
                  "refsource": "CONFIRM",
                  "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
                },
                {
                  "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b",
                  "refsource": "CONFIRM",
                  "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b"
                },
                {
                  "name": "48554",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48554"
                },
                {
                  "name": "openSUSE-SU-2012:0432",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html"
                },
                {
                  "name": "http://code.google.com/p/chromium/issues/detail?id=116162",
                  "refsource": "CONFIRM",
                  "url": "http://code.google.com/p/chromium/issues/detail?id=116162"
                },
                {
                  "name": "1026823",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026823"
                },
                {
                  "name": "FEDORA-2012-3705",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html"
                },
                {
                  "name": "48512",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48512"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3045",
        "datePublished": "2012-03-22T16:00:00.000Z",
        "dateReserved": "2011-08-09T00:00:00.000Z",
        "dateUpdated": "2025-06-09T15:35:52.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }