Heap-based Buffer Overflow in Samba 3.0 Allows Remote Code Execution

Heap-based Buffer Overflow in Samba 3.0 Allows Remote Code Execution

CVE-2012-0870 · HIGH Severity

AV:A/AC:M/AU:N/C:C/I:C/A:C

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.

Learn more about our Web Application Penetration Testing UK.