CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-10387

Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.082

EPSS Ranking 91.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://sourceforge.net/p/tftp-server/discussion/550564/thread/a586ce62/
https://sourceforge.net/p/tftp-server/discussion/550564/thread/a586ce62/

Products affected by CVE-2018-10387

Open Tftp Server Project » Open Tftp Server » Version: N/A

cpe:2.3:a:open_tftp_server_project:open_tftp_server:-
Open Tftp Server Project » Open Tftp Server » Version: 1.64

cpe:2.3:a:open_tftp_server_project:open_tftp_server:1.64
Open Tftp Server Project » Open Tftp Server » Version: 1.66

cpe:2.3:a:open_tftp_server_project:open_tftp_server:1.66

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10387

Products

Pricing

Contact Us