CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-15385

The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possibly have unspecified other impact via a crafted ELF file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4
https://github.com/radare/radare2/issues/8685
https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4
https://github.com/radare/radare2/issues/8685

Products affected by CVE-2017-15385

Radare » Radare2 » Version: 2.0.0

cpe:2.3:a:radare:radare2:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-15385

Products

Pricing

Contact Us