Solution
Please Install the Updated Packages.
Insight
It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the ' usbmux'
user
(CVE-2012-0065).
The updated packages have been patched to correct this issue.
Affected
usbmuxd on Mandriva Linux 2011.0
Severity
Classification
-
CVE CVE-2012-0065 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities