CVE-2012-0870

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.
References
Link Resource
http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565 Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html
http://secunia.com/advisories/48116
http://secunia.com/advisories/48186
http://secunia.com/advisories/48844
http://secunia.com/advisories/48879
http://support.apple.com/kb/HT5281
http://www.ubuntu.com/usn/USN-1374-1
https://bugzilla.redhat.com/show_bug.cgi?id=795509 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/73361
http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565 Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html
http://secunia.com/advisories/48116
http://secunia.com/advisories/48186
http://secunia.com/advisories/48844
http://secunia.com/advisories/48879
http://support.apple.com/kb/HT5281
http://www.ubuntu.com/usn/USN-1374-1
https://bugzilla.redhat.com/show_bug.cgi?id=795509 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/73361
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
cpe:2.3:h:rim:blackberry_playbook_tablet:-:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:*:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.3:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.5:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.6:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.7:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.7.2942:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.7.3312:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.8.4985:*:*:*:*:*:*:*
cpe:2.3:o:rim:blackberry_playbook_os:1.0.8.6067:*:*:*:*:*:*:*

History

21 Nov 2024, 01:35

Type Values Removed Values Added
References () http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565 - Patch, Vendor Advisory () http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565 - Patch, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2012/May/msg00001.html - () http://lists.apple.com/archives/security-announce/2012/May/msg00001.html -
References () http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html - () http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html -
References () http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html - () http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html -
References () http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html - () http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html -
References () http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html - () http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html -
References () http://secunia.com/advisories/48116 - () http://secunia.com/advisories/48116 -
References () http://secunia.com/advisories/48186 - () http://secunia.com/advisories/48186 -
References () http://secunia.com/advisories/48844 - () http://secunia.com/advisories/48844 -
References () http://secunia.com/advisories/48879 - () http://secunia.com/advisories/48879 -
References () http://support.apple.com/kb/HT5281 - () http://support.apple.com/kb/HT5281 -
References () http://www.ubuntu.com/usn/USN-1374-1 - () http://www.ubuntu.com/usn/USN-1374-1 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=795509 - Patch () https://bugzilla.redhat.com/show_bug.cgi?id=795509 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/73361 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/73361 -

Information

Published : 2012-02-23 12:33

Updated : 2024-11-21 01:35


NVD link : CVE-2012-0870

Mitre link : CVE-2012-0870

CVE.ORG link : CVE-2012-0870


JSON object : View

Products Affected

rim

  • blackberry_playbook_tablet
  • blackberry_playbook_os

samba

  • samba
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer