Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-5343

Опубликовано: 14 апр. 2016
Источник: nvd
CVSS3: 7.6
CVSS2: 8
EPSS Средний

Описание

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
Версия от 1.7.0 (включая) до 1.7.20 (включая)
cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
Версия от 1.8.0 (включая) до 1.8.15 (исключая)
cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
Версия от 1.9.0 (включая) до 1.9.3 (исключая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 95%
0.19092
Средний

7.6 High

CVSS3

8 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2015-5343

CVSS3: 7.6
ubuntu
почти 10 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

redhat логотип

CVE-2015-5343

redhat
около 10 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

debian логотип

CVE-2015-5343

CVSS3: 7.6
debian
почти 10 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, ...

suse-cvrf логотип

SUSE-SU-2016:0043-1

suse-cvrf
около 10 лет назад

Security update for subversion

github логотип

GHSA-g5xg-c32g-4v99

CVSS3: 7.6
github
больше 3 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

EPSS

Процентиль: 95%
0.19092
Средний

7.6 High

CVSS3

8 High

CVSS2

Дефекты

CWE-119