CVE-2017-12142

Опубликовано: 02 авг. 2017

Источник: debian

EPSS Низкий

Описание

In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libytnef	fixed	1.9.3-1		package
libytnef	no-dsa		stretch	package
libytnef	no-dsa		jessie	package
libytnef	no-dsa		wheezy	package

Примечания

https://github.com/Yeraze/ytnef/issues/49
https://github.com/Yeraze/ytnef/commit/35dc50190aac54947bafb3d84ab7727e940c6236

EPSS

Процентиль: 37%

0.00156

Низкий

Связанные уязвимости

CVE-2017-12142

CVSS3: 5.5

ubuntu

больше 8 лет назад

In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

CVE-2017-12142

CVSS3: 5.5

nvd

больше 8 лет назад

In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

GHSA-wx58-mfwq-x7r3

CVSS3: 5.5

github

больше 3 лет назад

In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

EPSS

Процентиль: 37%

0.00156

Низкий