Описание
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:upx:upx:3.95:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00365
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 5.5
ubuntu
около 6 лет назад
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
CVSS3: 5.5
debian
около 6 лет назад
An invalid memory address dereference was discovered in the canUnpack ...
CVSS3: 5.5
github
больше 3 лет назад
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
EPSS
Процентиль: 58%
0.00365
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-119