Vulnerability Details CVE-2018-7039
CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect integer data type causing a negative third argument in some cases of crafted TLV data with inconsistent length information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 69.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References