Lucene search
K

4 matches found

seebug.org
seebug.org
added 2017/11/08 12:0 a.m.114 views

Cesanta Mongoose Websocket Protocol Fragmented Packet Code Execution Vulnerability(CVE-2017-2922)

Summary An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited...

9.9AI score0.02625EPSS
Exploits2
NVD
NVD
added 2017/11/07 4:29 p.m.19 views

CVE-2017-2922

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to...

9.8CVSS9.9AI score0.02625EPSS
Exploits2References1
CVE
CVE
added 2017/11/07 4:0 p.m.67 views

CVE-2017-2922

CVE-2017-2922 affects Cesanta Mongoose 6.8 (Websocket protocol handling). A memory corruption via fragmented WebSocket frames can trigger a use-after-free when reassembling data in mg_deliver_websocket_data, due to a buffer resize that invalidates pointers and leads to reads/writes on freed memor...

9.8CVSS9.8AI score0.02625EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2017/11/07 4:0 p.m.21 views

CVE-2017-2922

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to...

9.8CVSS9.9AI score0.02625EPSS
Exploits2References1
Rows per page
Query Builder