CVEブラウザに戻る

CVE-2012-4562

HIGH

7.5

CVSS Severity Score

EPSS Score0.0600%

EPSS Percentile38.88th

Published2012年11月30日

Last Modified2026年4月29日

Vulnerability Description

Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (infinite loop or crash) and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified vulnerabilities.

Affected Platforms (CPE)

📦

Libssh

Libssh

<= 0.5.2

📦

Libssh

Libssh

= 0.4.7

📦

Libssh

Libssh

= 0.4.8

📦

Libssh

Libssh

= 0.5.0

📦

Libssh

Libssh

= 0.5.0

📦

Libssh

Libssh

= 0.5.1

References & Advisories

🔗 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html

🔗 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00015.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html

🔗 http://lists.opensuse.org/opensuse-updates/2012-12/msg00016.html

🔗 http://lists.opensuse.org/opensuse-updates/2013-01/msg00021.html

🔗 http://www.debian.org/security/2012/dsa-2577

🔗 http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/

関連する脆弱性情報

CVE-2018-109339.1

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create c...

CVE-2019-148898.8

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client ...

CVE-2026-09668.2

A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length inp...

CVE-2012-45607.5

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute a...