CVE-2017-2867

Опубликовано: 05 апр. 2018

Источник: nvd

CVSS3: 9

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability.

Ссылки

http://www.securityfocus.com/bid/104490
Broken Link
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0373
Third Party Advisory
http://www.securityfocus.com/bid/104490
Broken Link
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0373
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:natus:xltek_neuroworks:8:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01895

Низкий

9 Critical

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-pwv9-2w3m-5m4w

CVSS3: 9.8

github

больше 3 лет назад

EPSS

Процентиль: 83%

0.01895

Низкий

9 Critical

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-787