Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2012-3445

The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer.

  • Published: Aug 7, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-3445
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:N/I:N/A:P

CWEs:

Software From Fixed in
redhat / libvirt 0.9.13 0.9.13.x