Sign-up

ID

VAR-202002-0053


CVE

CVE-2012-5366


TITLE

Apple Mac OS X Resource exhaustion vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2012-006631

DESCRIPTION

The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. Apple Mac OS X Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state. Multiple Vendors' operating system are prone to a denial-of-service vulnerability due to an implementation weakness in IPv6. Successful exploits will allow attackers to consume an excessive amount of CPU resources on the targeted computers, denying service to legitimate users. The following operating systems are affected: Windows NetBSD FreeBSD Mac OS-X. An attacker can exploit this vulnerability to cause a denial of service by sending a large number of ICMPv6 Router Advertisement packets

Trust: 2.07

sources: NVD: CVE-2012-5366 // JVNDB: JVNDB-2012-006631 // BID: 56170 // VULHUB: VHN-58647 // VULMON: CVE-2012-5366

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:ltversion:10.9

Trust: 1.0

vendor:applemodel:mac os xscope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.0.4

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.1

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.0.0

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.1.0

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.0.1

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion: -

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.1.1

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.0

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.0.3

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.0.2

Trust: 0.6

vendor:netbsdmodel:netbsdscope:eqversion:0

Trust: 0.3

vendor:microsoftmodel:windowsscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:0

Trust: 0.3

sources: BID: 56170 // JVNDB: JVNDB-2012-006631 // CNNVD: CNNVD-202002-1018 // NVD: CVE-2012-5366

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5366
value: HIGH

Trust: 1.0

NVD: JVNDB-2012-006631
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202002-1018
value: MEDIUM

Trust: 0.6

VULHUB: VHN-58647
value: HIGH

Trust: 0.1

VULMON: CVE-2012-5366
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-5366
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2012-006631
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-58647
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2012-5366
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2012-006631
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-58647 // VULMON: CVE-2012-5366 // JVNDB: JVNDB-2012-006631 // CNNVD: CNNVD-202002-1018 // NVD: CVE-2012-5366

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-58647 // JVNDB: JVNDB-2012-006631 // NVD: CVE-2012-5366

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202002-1018

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202002-1018

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-006631

PATCH
title:Top Pageurl:https://www.apple.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-006631

EXTERNAL IDS
db:NVDid:CVE-2012-5366
Trust: 2.9
db:OPENWALLid:OSS-SECURITY/2012/10/10/12
Trust: 2.6
db:BIDid:56170
Trust: 2.1
db:JVNDBid:JVNDB-2012-006631
Trust: 0.8
db:CNNVDid:CNNVD-202002-1018
Trust: 0.7
db:VULHUBid:VHN-58647
Trust: 0.1
db:VULMONid:CVE-2012-5366
Trust: 0.1
sources:
            
            
            VULHUB: VHN-58647 // 
            
            
            
            VULMON: CVE-2012-5366 // 
            
            
            
            BID: 56170 // 
            
            
            
            JVNDB: JVNDB-2012-006631 // 
            
            
            
            CNNVD: CNNVD-202002-1018 // 
            
            
            
            NVD: CVE-2012-5366

REFERENCES
url:http://www.openwall.com/lists/oss-security/2012/10/10/12
Trust: 2.6
url:https://www.securityfocus.com/bid/56170/info
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2012-5366
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5366
Trust: 0.8
url:http://software.cisco.com/download/navigator.html?mdfid=283613663
Trust: 0.3
url:http://www.freebsd.org/
Trust: 0.3
url:http://marc.info/?l=oss-security&m=134988821920750&w=2
Trust: 0.3
url:http://www.microsoft.com/
Trust: 0.3
url:http://www.netbsd.org/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/400.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.securityfocus.com/bid/56170
Trust: 0.1
sources:
            
            
            VULHUB: VHN-58647 // 
            
            
            
            VULMON: CVE-2012-5366 // 
            
            
            
            BID: 56170 // 
            
            
            
            JVNDB: JVNDB-2012-006631 // 
            
            
            
            CNNVD: CNNVD-202002-1018 // 
            
            
            
            NVD: CVE-2012-5366

CREDITS
Marc Heuse
Trust: 0.3
sources:
            
            
            BID: 56170

SOURCES
db:VULHUBid:VHN-58647
db:VULMONid:CVE-2012-5366
db:BIDid:56170
db:JVNDBid:JVNDB-2012-006631
db:CNNVDid:CNNVD-202002-1018
db:NVDid:CVE-2012-5366

LAST UPDATE DATE
2024-08-14T14:25:58.600000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-58647date:2020-02-25T00:00:00
db:VULMONid:CVE-2012-5366date:2020-02-25T00:00:00
db:BIDid:56170date:2012-10-10T00:00:00
db:JVNDBid:JVNDB-2012-006631date:2020-03-05T00:00:00
db:CNNVDid:CNNVD-202002-1018date:2020-03-05T00:00:00
db:NVDid:CVE-2012-5366date:2020-02-25T19:33:47.650

SOURCES RELEASE DATE
db:VULHUBid:VHN-58647date:2020-02-20T00:00:00
db:VULMONid:CVE-2012-5366date:2020-02-20T00:00:00
db:BIDid:56170date:2012-10-10T00:00:00
db:JVNDBid:JVNDB-2012-006631date:2020-03-05T00:00:00
db:CNNVDid:CNNVD-202002-1018date:2020-02-20T00:00:00
db:NVDid:CVE-2012-5366date:2020-02-20T15:15:11.463