Vulnerability Details CVE-2017-20229
MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a return-oriented programming chain to spawn a shell with application privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2017-20229
-
cpe:2.3:a:invisible-island:mawk:*