VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-at7n-u124-efd5

Essentials
Severities (21)
References (15)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-at7n-u124-efd5
Aliases	CVE-2012-1571
Summary	A vulnerability in file could result in Denial of Service.
Status	Published
Exploitability	0.5
Weighted Severity	5.9
Risk	3.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-122

Heap-based Buffer Overflow

System	Score	Found at
cvssv3.1	6.5	http://mx.gw.com/pipermail/file/2012/000914.html
ssvc	Track	http://mx.gw.com/pipermail/file/2012/000914.html
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2012-1571
cvssv3.1	6.5	https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295
ssvc	Track	https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295
cvssv3.1	6.5	https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b
ssvc	Track	https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b
cvssv3.1	6.5	http://www.debian.org/security/2012/dsa-2422
ssvc	Track	http://www.debian.org/security/2012/dsa-2422
cvssv3.1	6.5	http://www.mandriva.com/security/advisories?name=MDVSA-2012:035
ssvc	Track	http://www.mandriva.com/security/advisories?name=MDVSA-2012:035
cvssv3.1	6.5	http://www.ubuntu.com/usn/USN-2123-1
ssvc	Track	http://www.ubuntu.com/usn/USN-2123-1

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1571.json
		https://api.first.org/data/v1/epss?cve=CVE-2012-1571
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571
000914.html		http://mx.gw.com/pipermail/file/2012/000914.html
1859fdb4e67c49c463c4e0078054335cd46ba295		https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295
1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b		https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b
664263		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664263
805197		https://bugzilla.redhat.com/show_bug.cgi?id=805197
advisories?name=MDVSA-2012:035		http://www.mandriva.com/security/advisories?name=MDVSA-2012:035
dsa-2422		http://www.debian.org/security/2012/dsa-2422
GLSA-201209-14		https://security.gentoo.org/glsa/201209-14
RHSA-2014:1012		https://access.redhat.com/errata/RHSA-2014:1012
RHSA-2014:1606		https://access.redhat.com/errata/RHSA-2014:1606
USN-2123-1		https://usn.ubuntu.com/2123-1/
USN-2123-1		http://www.ubuntu.com/usn/USN-2123-1

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://mx.gw.com/pipermail/file/2012/000914.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/ Found at http://mx.gw.com/pipermail/file/2012/000914.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/ Found at https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/ Found at https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.debian.org/security/2012/dsa-2422

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/ Found at http://www.debian.org/security/2012/dsa-2422

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.mandriva.com/security/advisories?name=MDVSA-2012:035

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/ Found at http://www.mandriva.com/security/advisories?name=MDVSA-2012:035

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.ubuntu.com/usn/USN-2123-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/ Found at http://www.ubuntu.com/usn/USN-2123-1

Exploit Prediction Scoring System (EPSS)

Percentile	0.62468
EPSS Score	0.00431
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:10:21.388547+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201209-14	38.0.0