Описание
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | released | 4.3.29-1 |
| disco | ignored | end of life |
| eoan | released | 4.3.29-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | released | 4.3.29-1 |
| esm-apps/jammy | released | 4.3.29-1 |
| esm-apps/noble | released | 4.3.29-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the ...
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3