Your submission was sent successfully! Close

CVE-2012-4552

Published: 18 November 2012

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.

Notes

AuthorNote
seth-arnold
plib is no longer maintained upstream
Priority

Medium

Status

Package Release Status
plib
Launchpad, Ubuntu, Debian
artful Not vulnerable
(1.8.5-6)
hardy Ignored
(reached end-of-life)
lucid Ignored
(reached end-of-life)
oneiric Ignored
(reached end-of-life)
precise Does not exist
(precise was needed)
quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Does not exist
(trusty was not-affected [1.8.5-6])
upstream Needed

utopic Not vulnerable
(1.8.5-6)
vivid Does not exist

wily Not vulnerable
(1.8.5-6)
xenial Not vulnerable
(1.8.5-6)
yakkety Not vulnerable
(1.8.5-6)
zesty Not vulnerable
(1.8.5-6)