Lucene search

PRIOn knowledge basePRION:CVE-2010-2947

HistoryAug 24, 2010 - 8:00 p.m.

Heap overflow

2010-08-2420:00:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.131 Low

EPSS

Percentile

95.4%

JSON

Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields.

CPENameOperatorVersion
libhxeq2.0
libhxeq2.3
libhxeq1.23
libhxeq2.2
libhxeq1.18
libhxeq3.2
libhxeq2.1
libhxeq3.0
libhxeq3.3
libhxeq1.17

Name	Operator	Version
libhx	eq	2.0
libhx	eq	2.3
libhx	eq	1.23
libhx	eq	2.2
libhx	eq	1.18
libhx	eq	3.2
libhx	eq	2.1
libhx	eq	3.0
libhx	eq	3.3
libhx	eq	1.17

Rows per page:

1-10 of 291

References

libhx.git.sourceforge.net/git/gitweb.cgi?p=libhx/libhx%3Ba=commit%3Bh=904a46f90dd3f046bfac0b64a5e813d7cd4fca59

lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

www.mandriva.com/security/advisories?name=MDVSA-2010:165

www.openwall.com/lists/oss-security/2010/08/20/12

www.openwall.com/lists/oss-security/2010/08/20/5

www.securityfocus.com/bid/42592

www.vupen.com/english/advisories/2010/2232

bugzilla.redhat.com/show_bug.cgi?id=625866

8.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.131 Low

EPSS

Percentile

95.4%

JSON

Related for PRION:CVE-2010-2947