Unrated severityNVD Advisory· Published Jun 16, 2012· Updated Apr 29, 2026

CVE-2012-1502

Description

Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string.

Affected products

Pypam/Pypam
cpe:2.3:a:pypam:pypam:*:*:*:*:*:*:*:*
Range: <=0.5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.lsexperts.de/advisories/lse-2012-03-01.txtnvdExploit
secunia.com/advisories/48312nvdVendor Advisory
secunia.com/advisories/48332nvdVendor Advisory
secunia.com/advisories/48746nvdVendor Advisory
lists.opensuse.org/opensuse-updates/2012-04/msg00027.htmlnvd
ubuntu.com/usn/usn-1395-1nvd
www.debian.org/security/2012/dsa-2430nvd
www.osvdb.org/79892nvd
exchange.xforce.ibmcloud.com/vulnerabilities/73857nvd
security.gentoo.org/glsa/201507-09nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.021
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000