exploitDog

CVE-2019-16127

Опубликовано: 22 окт. 2020

Источник: nvd

CVSS3: 9.1

CVSS2: 6.4

EPSS Низкий

Описание

Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow.

Ссылки

https://census-labs.com/news/2020/10/21/microchip-asf4-integer-overflows-in-flash_read-flash_write-and-flash_append/
Exploit
Press/Media Coverage
Third Party Advisory
https://www.microchip.com/mplab/avr-support/advanced-software-framework
Product
Vendor Advisory
https://www.openwall.com/lists/oss-security/2020/10/22/1
Mailing List
Third Party Advisory
https://census-labs.com/news/2020/10/21/microchip-asf4-integer-overflows-in-flash_read-flash_write-and-flash_append/
Exploit
Press/Media Coverage
Third Party Advisory
https://www.microchip.com/mplab/avr-support/advanced-software-framework
Product
Vendor Advisory
https://www.openwall.com/lists/oss-security/2020/10/22/1
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microchip:advanced_software_framework_4:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00374

Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

GHSA-xg32-f3mq-6rp3

github

больше 3 лет назад

Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow.

EPSS

Процентиль: 59%

0.00374

Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-190