CVE-2012-1109 - Vulnerability Details

Vendors	Products
Pediapress	Mwlib

Link	Providers
http://www.openwall.com/lists/oss-security/2012/03/05/20
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109
https://www.securityfocus.com/bid/52577

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "mwlib", "vendor": "Python", "versions": [{"status": "affected", "version": "0.13 through 0.13.4 (Fixed in  0.13.5)"}]}], "descriptions": [{"lang": "en", "value": "mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions"}], "problemTypes": [{"descriptions": [{"description": "denial of service when parsing #iferror magic functions", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-12T14:32:10", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109"}, {"tags": ["x_refsource_MISC"], "url": "http://www.openwall.com/lists/oss-security/2012/03/05/20"}, {"tags": ["x_refsource_MISC"], "url": "https://www.securityfocus.com/bid/52577"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:45:27.479Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/03/05/20"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.securityfocus.com/bid/52577"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1109", "datePublished": "2019-11-12T14:32:10", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.479Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : mwlib (string)

vendor : Python (string)

versions : [ »

0 : { »

status : affected (string)

version : 0.13 through 0.13.4 (Fixed in 0.13.5) (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : denial of service when parsing #iferror magic functions (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2019-11-12T14:32:10 (string)

orgId : 53f830b8-0a3f-465b-8143-3b8a9948e749 (string)

shortName : redhat (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.openwall.com/lists/oss-security/2012/03/05/20 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.securityfocus.com/bid/52577 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T18:45:27.479Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2012/03/05/20 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.securityfocus.com/bid/52577 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 53f830b8-0a3f-465b-8143-3b8a9948e749 (string)

assignerShortName : redhat (string)

cveId : CVE-2012-1109 (string)

datePublished : 2019-11-12T14:32:10 (string)

dateReserved : 2012-02-14T00:00:00 (string)

dateUpdated : 2024-08-06T18:45:27.479Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pediapress:mwlib:*:*:*:*:*:*:*:*", "matchCriteriaId": "97F81D96-3171-47E5-94D7-E2FCA36E5897", "versionEndIncluding": "0.13.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions"}, {"lang": "es", "value": "mwlib versi\u00f3n 0.13 hasta 0.13.4, presenta una vulnerabilidad de denegaci\u00f3n de servicio cuando se analizan las funciones m\u00e1gicas #iferror"}], "id": "CVE-2012-1109", "lastModified": "2024-11-21T01:36:26.880", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-12T15:15:10.707", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2012/03/05/20"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.securityfocus.com/bid/52577"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2012/03/05/20"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.securityfocus.com/bid/52577"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:pediapress:mwlib:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 97F81D96-3171-47E5-94D7-E2FCA36E5897 (string)

versionEndIncluding : 0.13.4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions (string)

}

1 : { »

lang : es (string)

value : mwlib versión 0.13 hasta 0.13.4, presenta una vulnerabilidad de denegación de servicio cuando se analizan las funciones mágicas #iferror (string)

}

]

id : CVE-2012-1109 (string)

lastModified : 2024-11-21T01:36:26.880 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2019-11-12T15:15:10.707 (string)

references : [ »

0 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

2 : Third Party Advisory (string)

]

url : http://www.openwall.com/lists/oss-security/2012/03/05/20 (string)

}

1 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Issue Tracking (string)

1 : Third Party Advisory (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109 (string)

}

2 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://www.securityfocus.com/bid/52577 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

2 : Third Party Advisory (string)

]

url : http://www.openwall.com/lists/oss-security/2012/03/05/20 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Issue Tracking (string)

1 : Third Party Advisory (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1109 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://www.securityfocus.com/bid/52577 (string)

}

]

sourceIdentifier : secalert@redhat.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-755 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object