CVE-2017-9189

Опубликовано: 23 мая 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11.

Ссылки

https://blogs.gentoo.org/ago/2017/05/20/autotrace-multiple-vulnerabilities-the-autotrace-nightmare/
Third Party Advisory
VDB Entry
https://blogs.gentoo.org/ago/2017/05/20/autotrace-multiple-vulnerabilities-the-autotrace-nightmare/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:autotrace_project:autotrace:0.31.1:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00701

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2017-9189

CVSS3: 7.5

ubuntu

больше 8 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11.

CVE-2017-9189

CVSS3: 3.3

redhat

больше 8 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11.

CVE-2017-9189

CVSS3: 7.5

debian

больше 8 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...

GHSA-49gr-63h7-7r26

CVSS3: 7.5

github

больше 3 лет назад

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11.

EPSS

Процентиль: 72%

0.00701

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125