Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-5343

Опубликовано: 14 апр. 2016
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 8
CVSS3: 7.6

Описание

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

РелизСтатусПримечание
devel

not-affected

1.9.3-1ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.8.8-1ubuntu3.3]]
esm-infra/xenial

not-affected

1.9.3-1ubuntu1
precise

not-affected

code not present
precise/esm

not-affected

code not present
trusty

released

1.8.8-1ubuntu3.3
trusty/esm

DNE

trusty was released [1.8.8-1ubuntu3.3]
upstream

released

1.8.15,1.9.3
vivid

ignored

end of life
vivid/stable-phone-overlay

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 95%
0.19092
Средний

8 High

CVSS2

7.6 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2015-5343

redhat
около 10 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

nvd логотип

CVE-2015-5343

CVSS3: 7.6
nvd
почти 10 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

debian логотип

CVE-2015-5343

CVSS3: 7.6
debian
почти 10 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, ...

suse-cvrf логотип

SUSE-SU-2016:0043-1

suse-cvrf
около 10 лет назад

Security update for subversion

github логотип

GHSA-g5xg-c32g-4v99

CVSS3: 7.6
github
больше 3 лет назад

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

EPSS

Процентиль: 95%
0.19092
Средний

8 High

CVSS2

7.6 High

CVSS3