Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-9755

Опубликовано: 05 июн. 2019
Источник: nvd
CVSS3: 7
CVSS2: 4.4
EPSS Низкий

Описание

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:tuxera:ntfs-3g:2017.3.23:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*

EPSS

Процентиль: 29%
0.00103
Низкий

7 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-191

Связанные уязвимости

ubuntu логотип

CVE-2019-9755

CVSS3: 7
ubuntu
около 6 лет назад

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.

redhat логотип

CVE-2019-9755

CVSS3: 3.3
redhat
больше 6 лет назад

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.

msrc логотип

CVE-2019-9755

CVSS3: 7
msrc
больше 3 лет назад

Описание отсутствует

debian логотип

CVE-2019-9755

CVSS3: 7
debian
около 6 лет назад

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attack ...

suse-cvrf логотип

openSUSE-SU-2019:1314-1

suse-cvrf
больше 6 лет назад

Security update for ntfs-3g_ntfsprogs

EPSS

Процентиль: 29%
0.00103
Низкий

7 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-191