Lucene search

[email protected]CVE-2010-4743

HistoryFeb 18, 2011 - 7:00 p.m.

CVE-2010-4743

2011-02-1819:00:14

CWE-787

[email protected]

web.nvd.nist.gov

cve-2010-4743

heap-based buffer overflow

getarena function

abc2ps

abcm2ps

remote code execution

cve-2010-3441

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.055 Low

EPSS

Percentile

93.2%

JSON

Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

moinejfabcm2psRange<5.9.13

Node

fedoraprojectfedoraMatch13

fedoraprojectfedoraMatch14

CPENameOperatorVersion
moinejf:abcm2psmoinejf abcm2pslt5.9.13

CPE	Name	Operator	Version
moinejf:abcm2ps	moinejf abcm2ps	lt	5.9.13

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014

lists.fedoraproject.org/pipermail/package-announce/2011-February/054015.html

lists.fedoraproject.org/pipermail/package-announce/2011-March/054424.html

moinejf.free.fr/abcm2ps-5.txt

secunia.com/advisories/40033

secunia.com/advisories/43338

www.vupen.com/english/advisories/2011/0390

bugzilla.redhat.com/show_bug.cgi?id=600729

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.055 Low

EPSS

Percentile

93.2%

JSON

Related for CVE-2010-4743

debiancve3 cvelist3 ubuntucve3 nvd3 prion3 nessus3 gentoo1 openvas6 fedora2 cve2