Search for vulnerabilities
Vulnerability details: VCID-dw97-gxes-aaar
Vulnerability ID VCID-dw97-gxes-aaar
Aliases CVE-2012-6656
Summary iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-20 Improper Input Validation
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-6656.html
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00388 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00388 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00388 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.00388 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01382 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
epss 0.01685 https://api.first.org/data/v1/epss?cve=CVE-2012-6656
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1135840
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7817
generic_textual High https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2012-6656
generic_textual Low https://ubuntu.com/security/notices/USN-2432-1
generic_textual Low http://www.openwall.com/lists/oss-security/2014/08/29/3
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-6656.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6656.json
https://api.first.org/data/v1/epss?cve=CVE-2012-6656
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
https://security.gentoo.org/glsa/201503-04
https://sourceware.org/bugzilla/show_bug.cgi?id=14134
https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5
https://sourceware.org/git/?p=glibc.git;a=commit;h=6e230d11837f3ae7b375ea69d7905f0d18eb79e5
https://ubuntu.com/security/notices/USN-2432-1
http://www.debian.org/security/2015/dsa-3142
http://www.mandriva.com/security/advisories?name=MDVSA-2014:175
http://www.openwall.com/lists/oss-security/2014/08/29/3
http://www.openwall.com/lists/oss-security/2014/09/02/1
http://www.securityfocus.com/bid/69472
http://www.ubuntu.com/usn/USN-2432-1
1135840 https://bugzilla.redhat.com/show_bug.cgi?id=1135840
cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
CVE-2012-6656 https://nvd.nist.gov/vuln/detail/CVE-2012-6656
USN-2432-1 https://usn.ubuntu.com/2432-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2012-6656
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.70363
EPSS Score 0.00307
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.