Lucene search

VulDBCVE-2015-10088

HistoryMar 05, 2023 - 5:15 a.m.

CVE-2015-10088

2023-03-0505:15:09

CWE-134

VulDB

web.nvd.nist.gov

cve-2015-10088

ayttm

vulnerability

format string

libproxy

patch

vdb-222267

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

54.5%

JSON

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 40e04680018614a7d2b68566b261b061a0597046. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222267.

Affected configurations

Nvd

Vulners

Node

ayttm_projectayttmRange≤0.5.0-89

VendorProductVersionCPE
ayttm_projectayttm*cpe:2.3:a:ayttm_project:ayttm:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ayttm_project	ayttm	*	cpe:2.3:a:ayttm_project:ayttm::::::::

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "ayttm",
    "versions": [
      {
        "version": "0.5.0.0",
        "status": "affected"
      },
      {
        "version": "0.5.0.1",
        "status": "affected"
      },
      {
        "version": "0.5.0.2",
        "status": "affected"
      },
      {
        "version": "0.5.0.3",
        "status": "affected"
      },
      {
        "version": "0.5.0.4",
        "status": "affected"
      },
      {
        "version": "0.5.0.5",
        "status": "affected"
      },
      {
        "version": "0.5.0.6",
        "status": "affected"
      },
      {
        "version": "0.5.0.7",
        "status": "affected"
      },
      {
        "version": "0.5.0.8",
        "status": "affected"
      },
      {
        "version": "0.5.0.9",
        "status": "affected"
      },
      {
        "version": "0.5.0.10",
        "status": "affected"
      },
      {
        "version": "0.5.0.11",
        "status": "affected"
      },
      {
        "version": "0.5.0.12",
        "status": "affected"
      },
      {
        "version": "0.5.0.13",
        "status": "affected"
      },
      {
        "version": "0.5.0.14",
        "status": "affected"
      },
      {
        "version": "0.5.0.15",
        "status": "affected"
      },
      {
        "version": "0.5.0.16",
        "status": "affected"
      },
      {
        "version": "0.5.0.17",
        "status": "affected"
      },
      {
        "version": "0.5.0.18",
        "status": "affected"
      },
      {
        "version": "0.5.0.19",
        "status": "affected"
      },
      {
        "version": "0.5.0.20",
        "status": "affected"
      },
      {
        "version": "0.5.0.21",
        "status": "affected"
      },
      {
        "version": "0.5.0.22",
        "status": "affected"
      },
      {
        "version": "0.5.0.23",
        "status": "affected"
      },
      {
        "version": "0.5.0.24",
        "status": "affected"
      },
      {
        "version": "0.5.0.25",
        "status": "affected"
      },
      {
        "version": "0.5.0.26",
        "status": "affected"
      },
      {
        "version": "0.5.0.27",
        "status": "affected"
      },
      {
        "version": "0.5.0.28",
        "status": "affected"
      },
      {
        "version": "0.5.0.29",
        "status": "affected"
      },
      {
        "version": "0.5.0.30",
        "status": "affected"
      },
      {
        "version": "0.5.0.31",
        "status": "affected"
      },
      {
        "version": "0.5.0.32",
        "status": "affected"
      },
      {
        "version": "0.5.0.33",
        "status": "affected"
      },
      {
        "version": "0.5.0.34",
        "status": "affected"
      },
      {
        "version": "0.5.0.35",
        "status": "affected"
      },
      {
        "version": "0.5.0.36",
        "status": "affected"
      },
      {
        "version": "0.5.0.37",
        "status": "affected"
      },
      {
        "version": "0.5.0.38",
        "status": "affected"
      },
      {
        "version": "0.5.0.39",
        "status": "affected"
      },
      {
        "version": "0.5.0.40",
        "status": "affected"
      },
      {
        "version": "0.5.0.41",
        "status": "affected"
      },
      {
        "version": "0.5.0.42",
        "status": "affected"
      },
      {
        "version": "0.5.0.43",
        "status": "affected"
      },
      {
        "version": "0.5.0.44",
        "status": "affected"
      },
      {
        "version": "0.5.0.45",
        "status": "affected"
      },
      {
        "version": "0.5.0.46",
        "status": "affected"
      },
      {
        "version": "0.5.0.47",
        "status": "affected"
      },
      {
        "version": "0.5.0.48",
        "status": "affected"
      },
      {
        "version": "0.5.0.49",
        "status": "affected"
      },
      {
        "version": "0.5.0.50",
        "status": "affected"
      },
      {
        "version": "0.5.0.51",
        "status": "affected"
      },
      {
        "version": "0.5.0.52",
        "status": "affected"
      },
      {
        "version": "0.5.0.53",
        "status": "affected"
      },
      {
        "version": "0.5.0.54",
        "status": "affected"
      },
      {
        "version": "0.5.0.55",
        "status": "affected"
      },
      {
        "version": "0.5.0.56",
        "status": "affected"
      },
      {
        "version": "0.5.0.57",
        "status": "affected"
      },
      {
        "version": "0.5.0.58",
        "status": "affected"
      },
      {
        "version": "0.5.0.59",
        "status": "affected"
      },
      {
        "version": "0.5.0.60",
        "status": "affected"
      },
      {
        "version": "0.5.0.61",
        "status": "affected"
      },
      {
        "version": "0.5.0.62",
        "status": "affected"
      },
      {
        "version": "0.5.0.63",
        "status": "affected"
      },
      {
        "version": "0.5.0.64",
        "status": "affected"
      },
      {
        "version": "0.5.0.65",
        "status": "affected"
      },
      {
        "version": "0.5.0.66",
        "status": "affected"
      },
      {
        "version": "0.5.0.67",
        "status": "affected"
      },
      {
        "version": "0.5.0.68",
        "status": "affected"
      },
      {
        "version": "0.5.0.69",
        "status": "affected"
      },
      {
        "version": "0.5.0.70",
        "status": "affected"
      },
      {
        "version": "0.5.0.71",
        "status": "affected"
      },
      {
        "version": "0.5.0.72",
        "status": "affected"
      },
      {
        "version": "0.5.0.73",
        "status": "affected"
      },
      {
        "version": "0.5.0.74",
        "status": "affected"
      },
      {
        "version": "0.5.0.75",
        "status": "affected"
      },
      {
        "version": "0.5.0.76",
        "status": "affected"
      },
      {
        "version": "0.5.0.77",
        "status": "affected"
      },
      {
        "version": "0.5.0.78",
        "status": "affected"
      },
      {
        "version": "0.5.0.79",
        "status": "affected"
      },
      {
        "version": "0.5.0.80",
        "status": "affected"
      },
      {
        "version": "0.5.0.81",
        "status": "affected"
      },
      {
        "version": "0.5.0.82",
        "status": "affected"
      },
      {
        "version": "0.5.0.83",
        "status": "affected"
      },
      {
        "version": "0.5.0.84",
        "status": "affected"
      },
      {
        "version": "0.5.0.85",
        "status": "affected"
      },
      {
        "version": "0.5.0.86",
        "status": "affected"
      },
      {
        "version": "0.5.0.87",
        "status": "affected"
      },
      {
        "version": "0.5.0.88",
        "status": "affected"
      },
      {
        "version": "0.5.0.89",
        "status": "affected"
      }
    ]
  }
]

References

github.com/ayttm/ayttm/commit/40e04680018614a7d2b68566b261b061a0597046

sourceforge.net/p/ayttm/mailman/message/34397158/

vuldb.com/?ctiid.222267

vuldb.com/?id.222267

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

54.5%

JSON

Related for CVE-2015-10088