VIR Vulnerability Intelligence Relay

CVE-2012-5166

high
Published 2012-10-10 · Modified 2026-04-29
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2012-5166

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://kb.isc.org/article/AA-00801

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed1:9.8.1.dfsg.P1-4.3
debian debianbullseyefixed1:9.8.1.dfsg.P1-4.3
debian debianforkyfixed1:9.8.1.dfsg.P1-4.3
debian debiansidfixed1:9.8.1.dfsg.P1-4.3
debian debiantrixiefixed1:9.8.1.dfsg.P1-4.3

Application impact
VendorProductVersionsFixed
iscbind9.0
iscbind9.0.0
iscbind9.0.1
iscbind9.1
iscbind9.1.0
iscbind9.1.1
iscbind9.1.2
iscbind9.1.3
iscbind9.2.0
iscbind9.2.1
iscbind9.2.2
iscbind9.2.3
iscbind9.2.4
iscbind9.2.5
iscbind9.2.6
iscbind9.2.7
iscbind9.2.8
iscbind9.2.9
iscbind9.3
iscbind9.3.0
iscbind9.3.1
iscbind9.3.2
iscbind9.3.3
iscbind9.3.4
iscbind9.3.5
iscbind9.3.6
iscbind9.4
iscbind9.4.0
iscbind9.4.1
iscbind9.4.2
iscbind9.4.3
iscbind9.5
iscbind9.5.0
iscbind9.5.1
iscbind9.5.2
iscbind9.5.3
iscbind9.6
iscbind9.6.0
iscbind9.6.1
iscbind9.6.2
iscbind9.6.3
iscbind9.7.0
iscbind9.7.1
iscbind9.7.2
iscbind9.7.3
iscbind9.7.4
iscbind9.7.5
iscbind9.7.6
iscbind9.8.0
iscbind9.8.1
iscbind9.8.2
iscbind9.8.3
iscbind9.9.0
iscbind9.9.1

References

CWEs

CWE-189

Verify integrity in audit chain (admin only). AS-IS.