Vulnerability Details CVE-2017-6448
The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 48.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/97313
- https://github.com/radare/radare2/commit/f41e941341e44aa86edd4483c4487ec09a074257
- https://github.com/radare/radare2/issues/6885
- http://www.securityfocus.com/bid/97313
- https://github.com/radare/radare2/commit/f41e941341e44aa86edd4483c4487ec09a074257
- https://github.com/radare/radare2/issues/6885