CVE-2016-5119

Опубликовано: 23 янв. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5.1

CVSS3: 7.5

Описание

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.

Релиз	Статус	Примечание
devel	not-affected
esm-apps/xenial	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
precise	not-affected	2.18+dfsg-2
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	released	2.18+dfsg-1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 49%

0.0026

Низкий

5.1 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-5119

CVSS3: 7.5

nvd

около 9 лет назад

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.

CVE-2016-5119

CVSS3: 7.5

debian

около 9 лет назад

The automatic update feature in KeePass 2.33 and earlier allows man-in ...

GHSA-cvv5-jq3p-gqgx

CVSS3: 7.5

github

больше 3 лет назад

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.

EPSS

Процентиль: 49%

0.0026

Низкий

5.1 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-5119

Описание

Пакет keepass2

Ссылки на источники

Связанные уязвимости