CVE-2017-9156

Опубликовано: 23 мая 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12.

Ссылки

https://blogs.gentoo.org/ago/2017/05/20/autotrace-multiple-vulnerabilities-the-autotrace-nightmare/
Third Party Advisory
VDB Entry
https://blogs.gentoo.org/ago/2017/05/20/autotrace-multiple-vulnerabilities-the-autotrace-nightmare/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:autotrace_project:autotrace:0.31.1:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00701

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2017-9156

CVSS3: 7.5

ubuntu

больше 8 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12.

CVE-2017-9156

CVSS3: 3.3

redhat

больше 8 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12.

CVE-2017-9156

CVSS3: 7.5

debian

больше 8 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...

GHSA-943j-jxpr-v9mq

CVSS3: 7.5

github

больше 3 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12.

EPSS

Процентиль: 72%

0.00701

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787