CVE-2012-0870

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.
Severity: UNKNOWN
Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector: ADJACENT_NETWORK
Atk. Complexity: MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%

| Vendor | Product | Version |
|---|---|---|
| samba | samba | 3.0.0 |
| rim | blackberry_playbook_tablet | - |
| rim | blackberry_playbook_os | 𝑥 ≤ 2.0 |
| rim | blackberry_playbook_os | 1.0 |
| rim | blackberry_playbook_os | 1.0.3 |
| rim | blackberry_playbook_os | 1.0.5 |
| rim | blackberry_playbook_os | 1.0.6 |
| rim | blackberry_playbook_os | 1.0.7 |
| rim | blackberry_playbook_os | 1.0.7.2942 |
| rim | blackberry_playbook_os | 1.0.7.3312 |
| rim | blackberry_playbook_os | 1.0.8.4985 |
| rim | blackberry_playbook_os | 1.0.8.6067 |

𝑥 = Vulnerable software versions

Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| samba | bullseye (security) | 2:4.13.13+dfsg-1~deb11u6 | fixed |
| samba | bullseye | 2:4.13.13+dfsg-1~deb11u6 | fixed |
| samba | lenny | | not-affected |
| samba | squeeze | | not-affected |
| samba | bookworm | 2:4.17.12+dfsg-0+deb12u1 | fixed |
| samba | bookworm (security) | 2:4.17.12+dfsg-0+deb12u1 | fixed |
| samba | sid | 2:4.21.1+dfsg-2 | fixed |
| samba | trixie | 2:4.21.1+dfsg-2 | fixed |

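Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
|---|---|---|---|
| samba | oneiric | | not-affected |
| samba | natty | | not-affected |
| samba | maverick | | not-affected |
| samba | lucid | | not-affected |
| samba | hardy | Fixed 3.0.28a-1ubuntu4.17 | released |
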
References