Описание
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.
Ссылки
- Issue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:upx:upx:4.0.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00125
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
CWE-617
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 4 лет назад
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.
CVSS3: 5.5
debian
больше 4 лет назад
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in ...
CVSS3: 5.5
github
больше 3 лет назад
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.
EPSS
Процентиль: 32%
0.00125
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
CWE-617