CVE-2016-10197

Опубликовано: 15 мар. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.

Релиз	Статус	Примечание
devel	released	54.0+build3-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [53.0+build6-0ubuntu0.14.04.1]]
precise	ignored
precise/esm	DNE	precise was ignored
trusty	released	53.0+build6-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [53.0+build6-0ubuntu0.14.04.1]
upstream	released	53.0
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	53.0+build6-0ubuntu0.16.04.1

Показывать по

Релиз	Статус	Примечание
devel	released	2.0.21-stable-3
esm-infra-legacy/trusty	not-affected	2.0.21-stable-1ubuntu1.14.04.2
esm-infra/xenial	not-affected	2.0.21-stable-2ubuntu0.16.04.1
precise	released	2.0.16-stable-1ubuntu0.2
precise/esm	not-affected	2.0.16-stable-1ubuntu0.2
trusty	released	2.0.21-stable-1ubuntu1.14.04.2
trusty/esm	not-affected	2.0.21-stable-1ubuntu1.14.04.2
upstream	released	2.0.21-stable-3
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	released	1:52.1.1+build1-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1:52.1.1+build1-0ubuntu0.14.04.1]]
precise/esm	DNE
trusty	released	1:52.1.1+build1-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [1:52.1.1+build1-0ubuntu0.14.04.1]
upstream	needs-triage
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	1:52.1.1+build1-0ubuntu0.16.04.1
yakkety	released	1:52.1.1+build1-0ubuntu0.16.10.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 80%

0.01446

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-10197

CVSS3: 7.5

redhat

больше 9 лет назад

The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.

CVE-2016-10197

CVSS3: 7.5

nvd

больше 8 лет назад

The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.

CVE-2016-10197

CVSS3: 7.5

debian

больше 8 лет назад

The search_make_new function in evdns.c in libevent before 2.1.6-beta ...

GHSA-p9p6-m8vm-vcxx

CVSS3: 7.5

github

около 3 лет назад

The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.

openSUSE-SU-2018:0220-1

suse-cvrf

больше 7 лет назад

Security update for libevent

EPSS

Процентиль: 80%

0.01446

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-10197

Описание

Пакет firefox

Пакет libevent

Пакет thunderbird

Ссылки на источники

Связанные уязвимости