CVE-2018-7867

Опубликовано: 08 мар. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack.

Ссылки

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
Issue Tracking
Third Party Advisory
https://github.com/libming/libming/issues/116
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/04/msg00008.html
Mailing List
Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
Issue Tracking
Third Party Advisory
https://github.com/libming/libming/issues/116
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/04/msg00008.html
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libming:libming:0.4.8:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00563

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-7867

CVSS3: 6.5

ubuntu

почти 8 лет назад

There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack.

CVE-2018-7867

CVSS3: 6.5

debian

почти 8 лет назад

There is a heap-based buffer overflow in the getString function of uti ...

GHSA-c6vm-hjfm-ccrf

CVSS3: 6.5

github

больше 3 лет назад

There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack.

EPSS

Процентиль: 68%

0.00563

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787