Lucene search
TrellixCVELIST:CVE-2023-0977HistoryApr 03, 2023 - 3:39 p.m.
CVE-2023-0977
2023-04-0315:39:43
CWE-120
trellix
www.cve.org
cve-2023-0977
trellix agent
windows
linux
heap-based
overflow
remote user
memory block
unavailable service
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
46.7%
A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "Trellix Agent",
"vendor": "Trellix",
"versions": [
{
"lessThanOrEqual": "5.7.8 ",
"status": "affected",
"version": "5.7.8",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-0977
2023-04-03 16:15:07
prion
prion
Heap overflow
2023-04-03 16:15:00
nessus
nessus
Trellix Agent < 5.7.9 Heap-Based Overflow Vulnerability (SB10396)
2023-05-04 00:00:00
Trellix Agent < 5.7.9 Multiple Vulnerabilities (SB10396)
2023-05-03 00:00:00
nvd
nvd
CVE-2023-0977
2023-04-03 16:15:07
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
46.7%
Related for CVELIST:CVE-2023-0977