VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 24, 2013· Updated Apr 29, 2026

CVE-2012-6128

CVE-2012-6128

Description

Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response.

Affected products

39
  • Infradead/Openconnect39 versions
    cpe:2.3:a:infradead:openconnect:*:*:*:*:*:*:*:*+ 38 more
    • cpe:2.3:a:infradead:openconnect:*:*:*:*:*:*:*:*range: <=4.07
    • cpe:2.3:a:infradead:openconnect:1.00:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:1.20:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:1.30:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:1.40:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.00:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.01:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.20:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.21:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.22:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.23:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.24:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.25:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:2.26:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.00:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.01:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.02:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.11:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.12:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.13:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.14:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.15:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.16:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.17:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.18:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.19:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.20:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:3.99:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:4.00:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:4.01:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:4.02:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:4.03:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:4.04:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:4.05:*:*:*:*:*:*:*
    • cpe:2.3:a:infradead:openconnect:4.06:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.