Unrated severityNVD Advisory· Published Oct 1, 2012· Updated Apr 29, 2026

CVE-2012-4415

Description

Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name.

Affected products

Guac Dev/Guacamole3 versions
cpe:2.3:a:guac-dev:guacamole:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:guac-dev:guacamole:*:*:*:*:*:*:*:*range: <=0.6.2
- cpe:2.3:a:guac-dev:guacamole:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:guac-dev:guacamole:0.6.0:*:*:*:*:*:*:*
Fedoraproject/Fedora2 versions
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

guac-dev.org/trac/changeset/7dcefa744b4a38825619c00ae8b47e5bae6e38c0/libguacnvdPatch
archives.neohapsis.com/archives/bugtraq/2012-09/0107.htmlnvdExploit
www.securityfocus.com/bid/55497nvdExploit
lists.fedoraproject.org/pipermail/package-announce/2012-September/088031.htmlnvd
lists.fedoraproject.org/pipermail/package-announce/2012-September/088218.htmlnvd
lists.fedoraproject.org/pipermail/package-announce/2012-September/088272.htmlnvd
www.openwall.com/lists/oss-security/2012/09/11/3nvd
www.openwall.com/lists/oss-security/2012/09/11/7nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.031
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000