CVE-2013-4852

Опубликовано: 19 авг. 2013

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

Описание

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	3.7.3-1ubuntu1
cosmic	not-affected	3.7.3-1ubuntu1
devel	not-affected	3.7.3-1ubuntu1
esm-apps/bionic	not-affected	3.7.3-1ubuntu1
esm-apps/xenial	not-affected	3.7.3-1ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.7.3-1ubuntu1]]
lucid	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was needed

Показывать по

Релиз	Статус	Примечание
artful	released	0.63-1
bionic	released	0.63-1
cosmic	released	0.63-1
devel	released	0.63-1
esm-apps/bionic	released	0.63-1
esm-apps/xenial	released	0.63-1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [0.63-1]]
lucid	ignored	end of life
precise	released	0.62-6ubuntu0.1
precise/esm	DNE	precise was released [0.62-6ubuntu0.1]

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%

0.01751

Низкий

6.8 Medium

CVSS2

Связанные уязвимости

CVE-2013-4852

nvd

больше 12 лет назад

CVE-2013-4852

debian

больше 12 лет назад

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and o ...

GHSA-x52x-v8xm-9r9j

github

больше 3 лет назад

EPSS

Процентиль: 82%

0.01751

Низкий

6.8 Medium

CVSS2

CVE-2013-4852

Описание

Пакет filezilla

Пакет putty

Ссылки на источники

Связанные уязвимости