Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2020-12861

Published: 24/06/2020 Updated: 12/06/2023
CVSS v2 Base Score: 7.9 | Impact Score: 10 | Exploitability Score: 5.5
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 703
Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Sane Backends

Vulnerability Summary

A heap buffer overflow in SANE Backends prior to 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sane-project sane backends

canonical ubuntu linux 18.04

opensuse leap 15.1

canonical ubuntu linux 20.04

opensuse leap 15.2

canonical ubuntu linux 16.04

Vendor Advisories

Red Hat: Important: sane-backends security update
Synopsis Important: sane-backends security update Type/Severity Security Advisory: Important Topic An update for sane-backends is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common ...
Red Hat: Important: sane-backends security update
Synopsis Important: sane-backends security update Type/Severity Security Advisory: Important Topic An update for sane-backends is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
Red Hat: Important: sane-backends security update
Synopsis Important: sane-backends security update Type/Severity Security Advisory: Important Topic An update for sane-backends is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ...

References

CWE-787https://securitylab.github.com/advisories/GHSL-2020-075-libsanehttps://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.htmlhttps://usn.ubuntu.com/4470-1/http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.htmlhttp://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.htmlhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2020:3045
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120CVE-2024-35921CVE-2024-35874brute forceCVE-2024-36080unprivilegedCVE-2024-35917IDORCVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook