CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4303

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.058

EPSS Ranking 90.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2016-4303

Es » Iperf3 » Version: 3.0

cpe:2.3:a:es:iperf3:3.0
Es » Iperf3 » Version: 3.0.1

cpe:2.3:a:es:iperf3:3.0.1
Es » Iperf3 » Version: 3.0.10

cpe:2.3:a:es:iperf3:3.0.10
Es » Iperf3 » Version: 3.0.11

cpe:2.3:a:es:iperf3:3.0.11
Es » Iperf3 » Version: 3.0.2

cpe:2.3:a:es:iperf3:3.0.2
Es » Iperf3 » Version: 3.0.3

cpe:2.3:a:es:iperf3:3.0.3
Es » Iperf3 » Version: 3.0.4

cpe:2.3:a:es:iperf3:3.0.4
Es » Iperf3 » Version: 3.0.5

cpe:2.3:a:es:iperf3:3.0.5
Es » Iperf3 » Version: 3.0.6

cpe:2.3:a:es:iperf3:3.0.6
Es » Iperf3 » Version: 3.0.7

cpe:2.3:a:es:iperf3:3.0.7
Es » Iperf3 » Version: 3.0.8

cpe:2.3:a:es:iperf3:3.0.8
Es » Iperf3 » Version: 3.0.9

cpe:2.3:a:es:iperf3:3.0.9
Es » Iperf3 » Version: 3.1

cpe:2.3:a:es:iperf3:3.1
Es » Iperf3 » Version: 3.1.1

cpe:2.3:a:es:iperf3:3.1.1
Es » Iperf3 » Version: 3.1.2

cpe:2.3:a:es:iperf3:3.1.2
Novell » Suse Package Hub For Suse Linux Enterprise » Version: 12

cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Opensuse » Leap » Version: 42.1

cpe:2.3:o:opensuse:leap:42.1
Opensuse » Opensuse » Version: 13.2

cpe:2.3:o:opensuse:opensuse:13.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4303

Products

Pricing

Contact Us