CVE-2012-0870

Samba 3.0 - Heap-Based Buffer Overflow via Batched AndX Request

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.

References (14)

Core 14
Core References
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1374-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48844
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48116
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48879
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48186
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5281
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73361

Scores

EPSS 0.4688
EPSS Percentile 97.7%

Details

CWE
CWE-119
Status published
Products (12)
rim/blackberry_playbook_os 1.0
rim/blackberry_playbook_os 1.0.3
rim/blackberry_playbook_os 1.0.5
rim/blackberry_playbook_os 1.0.6
rim/blackberry_playbook_os 1.0.7
rim/blackberry_playbook_os 1.0.7.2942
rim/blackberry_playbook_os 1.0.7.3312
rim/blackberry_playbook_os 1.0.8.4985
rim/blackberry_playbook_os 1.0.8.6067
rim/blackberry_playbook_os < 2.0
... and 2 more
Published Feb 23, 2012
Tracked Since Feb 18, 2026