CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5240

Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component. A malicious or malformed Flash source file can cause a denial of service condition when parsed by this component, causing the application to crash.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2017-5240

Rapid7 » Appspider Pro » Version: N/A

cpe:2.3:a:rapid7:appspider_pro:-
Rapid7 » Appspider Pro » Version: 6.14.043

cpe:2.3:a:rapid7:appspider_pro:6.14.043
Rapid7 » Appspider Pro » Version: 6.14.045

cpe:2.3:a:rapid7:appspider_pro:6.14.045
Rapid7 » Appspider Pro » Version: 6.14.046

cpe:2.3:a:rapid7:appspider_pro:6.14.046
Rapid7 » Appspider Pro » Version: 6.14.050

cpe:2.3:a:rapid7:appspider_pro:6.14.050
Rapid7 » Appspider Pro » Version: 6.14.053

cpe:2.3:a:rapid7:appspider_pro:6.14.053
Rapid7 » Appspider Pro » Version: 6.14.056

cpe:2.3:a:rapid7:appspider_pro:6.14.056
Rapid7 » Appspider Pro » Version: 6.14.058

cpe:2.3:a:rapid7:appspider_pro:6.14.058
Rapid7 » Appspider Pro » Version: 6.14.059

cpe:2.3:a:rapid7:appspider_pro:6.14.059

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5240

Products

Pricing

Contact Us