Launchpad CVE tracker

CVE 2012-0065

Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list.

Related bugs and status

CVE-2012-0065 (Candidate) is related to these bugs:

Bug #919435: buffer overflow introduced in 1.0.7 (CVE-2012-0065)

		In	Importance	Status
919435	buffer overflow introduced in 1.0.7 (CVE-2012-0065)	usbmuxd (Ubuntu)	Medium	Fix Released
919435	buffer overflow introduced in 1.0.7 (CVE-2012-0065)	usbmuxd (Debian)	Unknown	Fix Released
919435	buffer overflow introduced in 1.0.7 (CVE-2012-0065)	usbmuxd (Ubuntu Natty)	Medium	Fix Released
919435	buffer overflow introduced in 1.0.7 (CVE-2012-0065)	usbmuxd (Ubuntu Oneiric)	Medium	Fix Released
919435	buffer overflow introduced in 1.0.7 (CVE-2012-0065)	usbmuxd (Ubuntu Precise)	Medium	Fix Released

Bug #923376: Sync usbmuxd 1.0.7-2 (main) from Debian unstable (main)

Summary				In	Importance	Status
	923376	Sync usbmuxd 1.0.7-2 (main) from Debian unstable (main)		usbmuxd (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-0065

References