Zero-day Vulnerability Database

Change view:

Zero-day vulnerabilities discovered: 1

Arbitrary code execution in Linux kernel
CVE-2012-2319

Buffer overflow

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow in the driver within HFS plus filesystem. By using a specially crafted Hierarchical File System (HFS) filesystem, a local attacker can trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

This is a zero-day according to Trustwave.

CVE-2012-2319 is a follow-up to CVE-2009-4020; issues in the HFS file system were detailed and patched on Dec. 3, 2009, but HFSPlus was left vulnerable until May 4, 2012.

Software: Linux kernel

This is a zero-day according to Trustwave.

CVE-2012-2319 is a follow-up to CVE-2009-4020; issues in the HFS file system were detailed and patched on Dec. 3, 2009, but HFSPlus was left vulnerable until May 4, 2012.

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.