CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-12130

An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. A specially crafted packet can make the library dereference a NULL pointer leading to a server crash and denial of service. An attacker needs to send a DNS query to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.securityfocus.com/bid/102795
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0486
http://www.securityfocus.com/bid/102795
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0486

Products affected by CVE-2017-12130

Tinysvcmdns Project » Tinysvcmdns » Version: 2017-11-05

cpe:2.3:a:tinysvcmdns_project:tinysvcmdns:2017-11-05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-12130

Products

Pricing

Contact Us