Lucene search

[email protected]CVE-2016-1131

HistoryJan 08, 2016 - 2:59 a.m.

CVE-2016-1131

2016-01-0802:59:05

CWE-119

[email protected]

web.nvd.nist.gov

cve-2016-1131

buffer overflow

takumi yamada dx library

3.16

remote attack

code execution

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.038 Low

EPSS

Percentile

91.9%

JSON

Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string.

Affected configurations

NVD

Node

dx_library_projectdx_libraryRange≤3.15e

CPENameOperatorVersion
dx_library_project:dx_librarydx library project dx libraryle3.15e

CPE	Name	Operator	Version
dx_library_project:dx_library	dx library project dx library	le	3.15e

References

homepage2.nifty.com/natupaji/DxLib/dxvulnerability.html

jvn.jp/en/jp/JVN49476817/index.html

jvndb.jvn.jp/jvndb/JVNDB-2016-000001

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.038 Low

EPSS

Percentile

91.9%

JSON

Related for CVE-2016-1131

cvelist1 jvn1 prion1 nvd1