Main Vulnerability Database Vulnerabilities #VU43509

Input validation error in Nextcloud iOS App - CVE-2012-3924

Published: September 16, 2012 / Updated: August 11, 2020

Vulnerability identifier: #VU43509

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2012-3924

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Nextcloud

Affected software:
Nextcloud iOS App

Detailed vulnerability description

The vulnerability allows a remote #AU# to perform service disruption.

The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty97961.

How to mitigate CVE-2012-3924

Install update from vendor's website.

Sources

http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/78672

Input validation error in Nextcloud iOS App - CVE-2012-3924

Detailed vulnerability description

How to mitigate CVE-2012-3924

Sources

Please verify you're human