CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9052

An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata() is due to a failure to check a pointer for being in bounds (in a few places in this function) and a failure in a check in dwarf_attr_list().

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/98553
https://www.prevanders.net/dwarfbug.html
http://www.securityfocus.com/bid/98553
https://www.prevanders.net/dwarfbug.html

Products affected by CVE-2017-9052

Libdwarf Project » Libdwarf » Version: 2017-03-21

cpe:2.3:a:libdwarf_project:libdwarf:2017-03-21

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9052

Products

Pricing

Contact Us