Integer Overflow Vulnerability in Apache Qpid Affects Remote Messaging
CVE-2012-4459

Currently unrated

Key Information:

Vendor: Apache
Status: Qpid
Vendor: CVE Published:; 14 March 2013

Summary

An integer overflow vulnerability exists in the qpid::framing::Buffer::checkAvailable function within Apache Qpid versions 0.20 and earlier. This flaw allows remote attackers to exploit the system by sending specially crafted messages. Such a manipulation can result in an out-of-bounds read, potentially leading to application crashes and denial of service, impacting the availability of services relying on Apache Qpid.

References

https://bugzilla.redhat.com/show_bug.cgi?id=861241

x_refsource_MISC

https://issues.apache.org/jira/issues/?jql=fixVersion%20%...

x_refsource_CONFIRM

http://rhn.redhat.com/errata/RHSA-2013-0561.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 14, 2013