Vulnerability Details CVE-2011-5280
Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service (crash) via a long trickle-up to (1) client/cs_trickle.cpp or (2) db/db_base.cpp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git%3Ba=commitdiff%3Bh=5b04b249db166ec38c1ee99a9eadcaa300c0f454
- http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git%3Ba=commitdiff%3Bh=ae04b50a71f3e96ee1bc59b76fca97cf0fe976f7
- http://www.openwall.com/lists/oss-security/2013/04/28/3
- http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git%3Ba=commitdiff%3Bh=5b04b249db166ec38c1ee99a9eadcaa300c0f454
- http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git%3Ba=commitdiff%3Bh=ae04b50a71f3e96ee1bc59b76fca97cf0fe976f7
- http://www.openwall.com/lists/oss-security/2013/04/28/3
Products affected by CVE-2011-5280
-
cpe:2.3:a:universityofcalifornia:boinc_client:6.13.0
-
cpe:2.3:a:universityofcalifornia:boinc_client:6.13.1