CyberSec.Space Logo
CVEブラウザに戻る

CVE-2012-4560

HIGH
7.5
CVSS Severity Score
EPSS Score0.0860%
EPSS Percentile25.58th
Published2012年11月30日
Last Modified2026年4月29日

Vulnerability Description

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.

Affected Platforms (CPE)

📦
Libssh

Libssh

<= 0.5.2
📦
Libssh

Libssh

= 0.4.7
📦
Libssh

Libssh

= 0.4.8
📦
Libssh

Libssh

= 0.5.0
📦
Libssh

Libssh

= 0.5.0
📦
Libssh

Libssh

= 0.5.1

References & Advisories

🔗 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html
🔗 http://lists.opensuse.org/opensuse-updates/2012-12/msg00016.html
🔗 http://lists.opensuse.org/opensuse-updates/2013-01/msg00021.html
🔗 http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/
🔗 http://www.mandriva.com/security/advisories?name=MDVSA-2012:175
🔗 http://www.openwall.com/lists/oss-security/2012/11/20/3

関連する脆弱性情報

CVE-2018-109339.1

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create c...

CVE-2019-148898.8

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client ...

CVE-2026-09668.2

A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length inp...

CVE-2012-45627.5

Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (infinite loop or crash) and...