Описание
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Exploit
- Exploit
- Exploit
- Third Party Advisory
- Exploit
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
Heap-based buffer overflow in the ParseValue function in lexer.c in ti ...
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
EPSS
6.8 Medium
CVSS2