CVE-2017-16869

Опубликовано: 17 нояб. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack functions. NOTE: the vendor has stated "there is no security implication whatsoever.

Ссылки

https://github.com/upx/upx/issues/146
Third Party Advisory
https://github.com/upx/upx/issues/146
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:upx:upx:3.94:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00258

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2017-16869

CVSS3: 7.8

ubuntu

около 8 лет назад

CVE-2017-16869

CVSS3: 7.8

debian

около 8 лет назад

p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of se ...

GHSA-3j3j-cj56-29p8

CVSS3: 7.8

github

больше 3 лет назад

** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack functions. NOTE: the vendor has stated "there is no security implication whatsoever."

EPSS

Процентиль: 49%

0.00258

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119