VDB
CVE-2012-2942
CVE-2012-2942
PUBLISHED
CVSS 5.099999904632568 MEDIUM
Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.
EPSS 0.20% · 41.7th percentile
Risk Scores
CVSS v2.0
5.099999904632568
EPSS Score
0.20%
41.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| haproxy | haproxy | 0 |
| n/a | n/a | n/a |
Timeline
- May 27, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
- Sep 6, 2023 EPSS Score
References
- [oss-security] 20120528 Duplicate CVE identifiers (CVE-2012-2391 and CVE-2012-2942) assigned to HAProxy issue mailing-list
- GLSA-201301-02 vendor-advisory
- [oss-security] 20120523 Re: CVE request: haproxy trash buffer overflow flaw mailing-list
- haproxy-trash-bo(75777) vdb
- 53647 vdb
- http://haproxy.1wt.eu/#news url
- DSA-2711 vendor-advisory
- 49261 third-party-advisory
- USN-1800-1 vendor-advisory
- http://haproxy.1wt.eu/git?p=haproxy-1.4.git%3Ba=commit%3Bh=30297cb17147a8d339eb160226bcc08c91d9530b url
- [oss-security] 20120523 CVE request: haproxy trash buffer overflow flaw mailing-list
- http://haproxy.1wt.eu/download/1.4/src/CHANGELOG url
- https://nvd.nist.gov/vuln/detail/CVE-2012-2942 advisory
- http://haproxy.1wt.eu/git?p=haproxy-1.4.git;a=commit;h=30297cb17147a8d339eb160226bcc08c91d9530b url