Vulnerability Details CVE-2017-12087
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.9%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 7.5
References
Products affected by CVE-2017-12087
-
cpe:2.3:a:tinysvcmdns_project:tinysvcmdns:2016-07-18