Lucene search

[email protected]CVE-2023-23082

HistoryFeb 03, 2023 - 10:15 p.m.

CVE-2023-23082

2023-02-0322:15:12

CWE-787

[email protected]

web.nvd.nist.gov

371

cve-2023-23082

heap buffer overflow

kodi home theater software

denial of service

nvd

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

31.6%

JSON

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

CPENameOperatorVersion
kodi:kodikodile19.5
kodi:kodikodieq13.2
kodi:kodikodieq18.0
kodi:kodikodieq18.2
kodi:kodikodieq17.5
kodi:kodikodieq18.1
kodi:kodikodieq17.0
kodi:kodikodieq14.2
kodi:kodikodieq17.1
kodi:kodikodieq17.2

CPE	Name	Operator	Version
kodi:kodi	kodi	le	19.5
kodi:kodi	kodi	eq	13.2
kodi:kodi	kodi	eq	18.0
kodi:kodi	kodi	eq	18.2
kodi:kodi	kodi	eq	17.5
kodi:kodi	kodi	eq	18.1
kodi:kodi	kodi	eq	17.0
kodi:kodi	kodi	eq	14.2
kodi:kodi	kodi	eq	17.1
kodi:kodi	kodi	eq	17.2