CVE-2017-13692

Опубликовано: 24 авг. 2017

Источник: redhat

CVSS3: 3.3

Описание

In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	tidy	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1485857tidy: Segfault due to out-of-bounds read in ISURLCodePoint function

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-13692

CVSS3: 7.5

ubuntu

больше 8 лет назад

In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument.

CVE-2017-13692

CVSS3: 7.5

nvd

больше 8 лет назад

In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument.

CVE-2017-13692

CVSS3: 7.5

debian

больше 8 лет назад

In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attacker ...

GHSA-p4rg-78qv-f5g4

CVSS3: 7.5

github

больше 3 лет назад

In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument.

3.3 Low

CVSS3