CVE-2016-9584

Опубликовано: 18 янв. 2017

Источник: nvd

CVSS3: 9.1

CVSS2: 6.4

EPSS Низкий

Описание

libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.

Ссылки

http://www.openwall.com/lists/oss-security/2016/12/15/5
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/94948
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2016/12/15/5
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/94948
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libical_project:libical:*:*:*:*:*:*:*:*

Версия до 2.0 (включая)

EPSS

Процентиль: 73%

0.00779

Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

CVE-2016-9584

CVSS3: 9.1

ubuntu

около 9 лет назад

libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.

CVE-2016-9584

CVSS3: 9.1

redhat

около 9 лет назад

libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.

CVE-2016-9584

CVSS3: 9.1

debian

около 9 лет назад

libical allows remote attackers to cause a denial of service (use-afte ...

GHSA-hcxq-m379-hxr9

CVSS3: 9.1

github

больше 3 лет назад

libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.

openSUSE-SU-2017:2002-1

suse-cvrf

больше 8 лет назад

Security update for libical

EPSS

Процентиль: 73%

0.00779

Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-416