CVE-2012-4459

Currently unrated

Key Information:

Vendor: Apache
Status: Qpid
Vendor: CVE Published:; 14 March 2013

Summary

Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.

References

https://bugzilla.redhat.com/show_bug.cgi?id=861241

x_refsource_MISC

https://issues.apache.org/jira/issues/?jql=fixVersion%20%...

x_refsource_CONFIRM

http://rhn.redhat.com/errata/RHSA-2013-0561.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 14, 2013