CVE-2017-2807

🗓️ 05 Sep 2017 18:29:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 16 Views

Buffer overflow in Ledger-CLI 3.1.1 tag parsin

Reporter	Title	Published	Views	Family All 24
CNVD	Ledger-CLI tag parsing buffer overflow vulnerability	6 Sep 201700:00	–	cnvd
CVE	CVE-2017-2807	5 Sep 201718:00	–	cve
Cvelist	CVE-2017-2807	5 Sep 201718:00	–	cvelist
Debian CVE	CVE-2017-2807	5 Sep 201718:00	–	debiancve
EUVD	EUVD-2017-11950	7 Oct 202500:30	–	euvd
Tenable Nessus	FreeBSD : ledger -- multiple vulnerabilities (d843a984-7f22-484f-ba81-483ddbe30dc3)	27 Sep 201700:00	–	nessus
Tenable Nessus	GLSA-202004-05 : ledger: Multiple vulnerabilities	2 Apr 202000:00	–	nessus
Tenable Nessus	openSUSE Security Update : ledger (openSUSE-2019-1779)	22 Jul 201900:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2017-2807	24 Aug 202500:00	–	nessus
Gentoo Linux	ledger: Multiple vulnerabilities	1 Apr 202000:00	–	gentoo

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	18.04	any	ledger	0	ledger_0_any.deb
Ubuntu	21.10	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	20.10	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	22.04	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	22.10	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	23.04	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	19.04	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	19.10	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	20.04	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb
Ubuntu	21.04	any	ledger	3.1.2+dfsg1-1	ledger_3.1.2+dfsg1-1_any.deb

Source	Link
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303
github	www.github.com/ledger/ledger/commit/5682f377aed5b0db6b6c4a44b1d8868103b7e9f7
cve	www.cve.org/CVERecord

26 Aug 2025 11:59Current

7.3High risk

Vulners AI Score7.3

CVSS 26.8

CVSS 37.5 - 7.8

EPSS0.00642

cve-2017-2807 exploitable vulnerability buffer overflow ledger-cli 3.1.1 tag parsing integer underflow code execution journal file unix