CVE-2017-5706

Опубликовано: 21 нояб. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

Ссылки

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Issue Tracking
Patch
Third Party Advisory
http://www.securityfocus.com/bid/101906
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039955
Third Party Advisory
VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
Issue Tracking
Vendor Advisory
https://security.netapp.com/advisory/ntap-20171120-0001/
Issue Tracking
Third Party Advisory
Tool Signature
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us
https://twitter.com/PTsecurity_UK/status/938447926128291842
https://www.asus.com/News/wzeltG5CjYaIwGJ0
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Issue Tracking
Patch
Third Party Advisory
http://www.securityfocus.com/bid/101906
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039955
Third Party Advisory
VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
Issue Tracking
Vendor Advisory
https://security.netapp.com/advisory/ntap-20171120-0001/
Issue Tracking
Third Party Advisory
Tool Signature
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us
https://twitter.com/PTsecurity_UK/status/938447926128291842
https://www.asus.com/News/wzeltG5CjYaIwGJ0

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:intel:server_platform_services_firmware:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00097

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2017-5706

CVSS3: 7.8

ubuntu

около 8 лет назад

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

GHSA-55pw-cf45-3838

CVSS3: 7.8

github

больше 3 лет назад

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

BDU:2017-02527

CVSS3: 8.2

fstec

больше 8 лет назад

Множественные уязвимости подсистемы Intel Server Platform Services (SPS) микропрограммного обеспечения семейства микросхем Platform Controller Hub, позволяющие выполнить неподписанный код

EPSS

Процентиль: 27%

0.00097

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-119