CVE-2012-4527

EUVD-2012-4455
Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name.  NOTE: it is not clear whether this is a vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
mcryptmcrypt
𝑥
≤ 2.6.8
mcryptmcrypt
2.6.4
mcryptmcrypt
2.6.5
mcryptmcrypt
2.6.6
mcryptmcrypt
2.6.7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mcrypt
bookworm
2.6.8-6
fixed
bullseye
2.6.8-4
fixed
sid
2.6.8-8
fixed
trixie
2.6.8-8
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mcrypt
artful
ignored
bionic
not-affected
cosmic
not-affected
hardy
ignored
lucid
ignored
natty
ignored
oneiric
ignored
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
dne
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
ignored
zesty
ignored
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091173.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091206.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091377.html
http://lists.opensuse.org/opensuse-updates/2012-11/msg00003.html
http://www.openwall.com/lists/oss-security/2012/10/18/12
http://www.openwall.com/lists/oss-security/2012/10/18/9
http://www.openwall.com/lists/oss-security/2012/11/20/1
http://www.securityfocus.com/bid/56114
https://bugzilla.redhat.com/show_bug.cgi?id=867790
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091173.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091206.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091377.html
http://lists.opensuse.org/opensuse-updates/2012-11/msg00003.html
http://www.openwall.com/lists/oss-security/2012/10/18/12
http://www.openwall.com/lists/oss-security/2012/10/18/9
http://www.openwall.com/lists/oss-security/2012/11/20/1
http://www.securityfocus.com/bid/56114
https://bugzilla.redhat.com/show_bug.cgi?id=867790