CVE-2012-4460

Apache Qpid < 0.20 - Denial of Service via Buffer Deserialization

Title source: llm
STIX 2.1

Description

The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.

References (4)

Core 4

Scores

EPSS 0.0318
EPSS Percentile 86.6%

Details

CWE
CWE-119
Status published
Products (16)
apache/qpid 0.5
apache/qpid 0.6
apache/qpid 0.7
apache/qpid 0.8
apache/qpid 0.9
apache/qpid 0.10
apache/qpid 0.11
apache/qpid 0.12
apache/qpid 0.13
apache/qpid 0.14
... and 6 more
Published Mar 14, 2013
Tracked Since Feb 18, 2026