CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-17264

In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.5%

CVSS Severity

CVSS v3 Score 3.3

CVSS v2 Score 2.1

References

https://github.com/libyal/liblnk/compare/20181227...20191006
https://github.com/libyal/liblnk/issues/38
https://github.com/libyal/liblnk/compare/20181227...20191006
https://github.com/libyal/liblnk/issues/38

Products affected by CVE-2019-17264

Liblnk Project » Liblnk » Version: N/A

cpe:2.3:a:liblnk_project:liblnk:-
Liblnk Project » Liblnk » Version: 20171101

cpe:2.3:a:liblnk_project:liblnk:20171101
Liblnk Project » Liblnk » Version: 20180419

cpe:2.3:a:liblnk_project:liblnk:20180419
Liblnk Project » Liblnk » Version: 20180626

cpe:2.3:a:liblnk_project:liblnk:20180626
Liblnk Project » Liblnk » Version: 20181227

cpe:2.3:a:liblnk_project:liblnk:20181227

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17264

Products

Pricing

Contact Us