Описание
The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file. NOTE: the vendor has disputed this as described in the GitHub issue comments
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2018-07-25 (исключая)
cpe:2.3:a:libfsclfs_project:libfsclfs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.0071
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
** DISPUTED ** The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file. NOTE: the vendor has disputed this as described in the GitHub issue comments.
EPSS
Процентиль: 72%
0.0071
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125