Lucene search

[email protected]CVE-2017-6427

HistoryMar 10, 2017 - 10:59 a.m.

CVE-2017-6427

2017-03-1010:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2017-6427

buffer overflow

evostream media server

http request

crash

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.013 Low

EPSS

Percentile

85.7%

JSON

A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request.

Affected configurations

NVD

Node

evostreammedia_serverMatch1.7.1

CPENameOperatorVersion
evostream:media_serverevostream media servereq1.7.1

CPE	Name	Operator	Version
evostream:media_server	evostream media server	eq	1.7.1

References

www.securityfocus.com/bid/96820

www.exploit-db.com/exploits/41547/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.013 Low

EPSS

Percentile

85.7%

JSON

Related for CVE-2017-6427

cvelist1 exploitpack1 prion1 packetstorm1 zdt1 nvd1 exploitdb1