CVE-2012-6096
CVSS 7.5 - HIGH
Description
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.
Affected Products
44| Vendor | Product | Version |
|---|---|---|
| nagios | nagios |
All versions
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0
|
| nagios | nagios |
3.0.1
|
| nagios | nagios |
3.0.2
|
| nagios | nagios |
3.0.3
|
| nagios | nagios |
3.0.4
|
| nagios | nagios |
3.0.5
|
| nagios | nagios |
3.0.6
|
| nagios | nagios |
3.1.0
|
| nagios | nagios |
3.1.1
|
| nagios | nagios |
3.1.2
|
| nagios | nagios |
3.2.0
|
| nagios | nagios |
3.2.1
|
| nagios | nagios |
3.2.2
|
| nagios | nagios |
3.2.3
|
| nagios | nagios |
3.3.1
|
| nagios | nagios |
3.4.0
|
| nagios | nagios |
3.4.1
|
| nagios | nagios |
3.4.2
|
| icinga | icinga |
1.6.0
|
| icinga | icinga |
1.6.1
|
| icinga | icinga |
1.7.0
|
| icinga | icinga |
1.7.1
|
| icinga | icinga |
1.7.2
|
| icinga | icinga |
1.7.3
|
| icinga | icinga |
1.8.0
|
| icinga | icinga |
1.8.1
|
| icinga | icinga |
1.8.2
|
| icinga | icinga |
1.8.3
|
References
Weakness Types
CWE-119
CVE Information
- CVE ID:
CVE-2012-6096- Published:
- 2013-01-22
- Modified:
- 2026-04-29
- CVSS Score:
- 7.5
- Severity:
- HIGH
- Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Vendors
icinga
nagios
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL