Strix
26.1K

CVE-2012-6129

UnknownEPSS 5.10%

Last modified

CVE-2012-6129 is a vulnerability of currently unknown severity. Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets.". EPSS estimates a 5.10% chance of exploitation in the next 30 days.

Description

Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets."

Metrics

EPSS Probability
5.10%

91.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
TransmissionbtTransmission<= 2.73
TransmissionbtTransmission0.1
TransmissionbtTransmission0.2
TransmissionbtTransmission0.3
TransmissionbtTransmission0.4
TransmissionbtTransmission0.5
TransmissionbtTransmission0.6
TransmissionbtTransmission0.6.1
TransmissionbtTransmission0.70
TransmissionbtTransmission0.71
TransmissionbtTransmission0.72
TransmissionbtTransmission0.80
TransmissionbtTransmission0.81
TransmissionbtTransmission0.82
TransmissionbtTransmission0.90
TransmissionbtTransmission0.91
TransmissionbtTransmission0.92
TransmissionbtTransmission0.93
TransmissionbtTransmission0.94
TransmissionbtTransmission0.95
TransmissionbtTransmission0.96
TransmissionbtTransmission1.00
TransmissionbtTransmission1.01
TransmissionbtTransmission1.02
TransmissionbtTransmission1.2
TransmissionbtTransmission1.03
TransmissionbtTransmission1.04
TransmissionbtTransmission1.05
TransmissionbtTransmission1.06
TransmissionbtTransmission1.10
TransmissionbtTransmission1.11
TransmissionbtTransmission1.20
TransmissionbtTransmission1.21
TransmissionbtTransmission1.22
TransmissionbtTransmission1.30
TransmissionbtTransmission1.31
TransmissionbtTransmission1.32
TransmissionbtTransmission1.33
TransmissionbtTransmission1.34
TransmissionbtTransmission1.40
TransmissionbtTransmission1.41
TransmissionbtTransmission1.42
TransmissionbtTransmission1.50
TransmissionbtTransmission1.51
TransmissionbtTransmission1.52
TransmissionbtTransmission1.53
TransmissionbtTransmission1.54
TransmissionbtTransmission1.60
TransmissionbtTransmission1.61
TransmissionbtTransmission1.70

Showing 50 of 96 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2012-6129?
Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets."
How severe is CVE-2012-6129?
Severity scoring for CVE-2012-6129 is pending analysis. The EPSS model estimates a 5.10% probability of exploitation in the next 30 days.
How do I fix CVE-2012-6129?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-6129?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST