Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-10253

Опубликовано: 18 мар. 2017
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.

РелизСтатусПримечание
artful

not-affected

1:20.0.4+dfsg-1ubuntu1
devel

not-affected

1:20.1.7+dfsg-1ubuntu1
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/xenial

released

1:18.3-dfsg-1ubuntu3.1
precise

not-affected

code not present
precise/esm

DNE

precise was not-affected [code not present]
trusty

not-affected

code not present
trusty/esm

not-affected

code not present
upstream

needs-triage

vivid/stable-phone-overlay

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.00513
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-10253

CVSS3: 4.4
redhat
больше 9 лет назад

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.

nvd логотип

CVE-2016-10253

CVSS3: 9.8
nvd
почти 9 лет назад

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.

debian логотип

CVE-2016-10253

CVSS3: 9.8
debian
почти 9 лет назад

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of com ...

github логотип

GHSA-9cqh-gh33-j3r9

CVSS3: 9.8
github
больше 3 лет назад

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.

EPSS

Процентиль: 66%
0.00513
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3