Vulnerability Details CVE-2017-12919
Heap-based buffer overflow in OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2017/08/17/13
- https://blogs.gentoo.org/ago/2017/08/09/libfpx-heap-based-buffer-overflow-in-olestreamwritevt_lpstr-olestrm-cpp/
- http://www.openwall.com/lists/oss-security/2017/08/17/13
- https://blogs.gentoo.org/ago/2017/08/09/libfpx-heap-based-buffer-overflow-in-olestreamwritevt_lpstr-olestrm-cpp/
Products affected by CVE-2017-12919
-
cpe:2.3:a:libfpx_project:libfpx:1.3.1