Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2012-6129

Published: 03/04/2013 Updated: 03/04/2013
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Transmission

Vulnerability Summary

Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission prior to 2.74 and possibly other products, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets."

Vulnerable Product Search on Vulmon Subscribe to Product

transmissionbt transmission 2.72

transmissionbt transmission 2.70

transmissionbt transmission 2.03

transmissionbt transmission 2.13

transmissionbt transmission 2.11

transmissionbt transmission 2.32

transmissionbt transmission 2.51

transmissionbt transmission 2.60

transmissionbt transmission 1.93

transmissionbt transmission 1.81

transmissionbt transmission 1.90

transmissionbt transmission 1.82

transmissionbt transmission 1.02

transmissionbt transmission 1.04

transmissionbt transmission 1.22

transmissionbt transmission 1.34

transmissionbt transmission 1.60

transmissionbt transmission 1.42

transmissionbt transmission 1.61

transmissionbt transmission 1.2

transmissionbt transmission 1.31

transmissionbt transmission 0.6.1

transmissionbt transmission 0.5

transmissionbt transmission 0.2

transmissionbt transmission 0.95

transmissionbt transmission

transmissionbt transmission 2.22

transmissionbt transmission 2.21

transmissionbt transmission 2.20

transmissionbt transmission 2.40

transmissionbt transmission 1.80

transmissionbt transmission 1.77

transmissionbt transmission 1.74

transmissionbt transmission 1.91

transmissionbt transmission 1.01

transmissionbt transmission 1.00

transmissionbt transmission 1.50

transmissionbt transmission 1.51

transmissionbt transmission 1.32

transmissionbt transmission 1.33

transmissionbt transmission 1.40

transmissionbt transmission 1.41

transmissionbt transmission 0.6

transmissionbt transmission 0.3

transmissionbt transmission 0.4

transmissionbt transmission 0.1

transmissionbt transmission 2.04

transmissionbt transmission 2.01

transmissionbt transmission 2.02

transmissionbt transmission 2.12

transmissionbt transmission 2.50

transmissionbt transmission 2.42

transmissionbt transmission 2.41

transmissionbt transmission 2.61

transmissionbt transmission 1.10

transmissionbt transmission 1.06

transmissionbt transmission 1.20

transmissionbt transmission 1.11

transmissionbt transmission 1.70

transmissionbt transmission 1.71

transmissionbt transmission 1.72

transmissionbt transmission 1.73

transmissionbt transmission 0.82

transmissionbt transmission 0.90

transmissionbt transmission 0.80

transmissionbt transmission 0.81

transmissionbt transmission 0.71

transmissionbt transmission 0.91

transmissionbt transmission 0.94

transmissionbt transmission 0.93

transmissionbt transmission 2.71

transmissionbt transmission 2.00

transmissionbt transmission 2.10

transmissionbt transmission 2.30

transmissionbt transmission 2.33

transmissionbt transmission 2.31

transmissionbt transmission 2.52

transmissionbt transmission 1.92

transmissionbt transmission 1.83

transmissionbt transmission 1.76

transmissionbt transmission 1.03

transmissionbt transmission 1.05

transmissionbt transmission 1.52

transmissionbt transmission 1.75

transmissionbt transmission 1.53

transmissionbt transmission 1.54

transmissionbt transmission 1.21

transmissionbt transmission 1.30

transmissionbt transmission 0.72

transmissionbt transmission 0.70

transmissionbt transmission 0.96

transmissionbt transmission 0.92

canonical ubuntu linux 12.04

fedoraproject fedora 16

canonical ubuntu linux 12.10

canonical ubuntu linux 11.10

Vendor Advisories

Debian CVElist Bug Report Logs: transmission-daemon: CVE-2012-6129: Transmission can be made to crash remotely
Debian Bug report logs - #700234 transmission-daemon: CVE-2012-6129: Transmission can be made to crash remotely Package: transmission-daemon; Maintainer for transmission-daemon is Sandro Tosi <morph@debianorg>; Source for transmission-daemon is src:transmission (PTS, buildd, popcon) Reported by: Josselin Mouette <joss@de ...
Ubuntu Security Notice: transmission vulnerability
Transmission could be made to crash or run programs if it received specially crafted network traffic ...

References

CWE-119http://lists.opensuse.org/opensuse-updates/2013-03/msg00064.htmlhttp://www.ubuntu.com/usn/USN-1747-1https://bugzilla.redhat.com/show_bug.cgi?id=909934http://www.openwall.com/lists/oss-security/2013/02/13/1https://trac.transmissionbt.com/ticket/5002https://trac.transmissionbt.com/changeset/13646https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700234https://usn.ubuntu.com/1747-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook