Опубликовано: 22 июл. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.2
CVSS3: 7.8
Описание
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 4.3-17 |
| cosmic | not-affected | 4.3-17 |
| devel | not-affected | 4.3-17 |
| disco | not-affected | 4.3-17 |
| eoan | not-affected | 4.3-17 |
| esm-apps/bionic | not-affected | 4.3-17 |
| esm-apps/focal | not-affected | 4.3-17 |
| esm-apps/xenial | released | 4.3-15+deb8u1build0.16.04.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 91%
0.06839
Низкий
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
больше 9 лет назад
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
CVSS3: 7.8
debian
больше 9 лет назад
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in ...
EPSS
Процентиль: 91%
0.06839
Низкий
7.2 High
CVSS2
7.8 High
CVSS3