Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-3817

A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 6.8
Products affected by CVE-2019-3817
  • Rpm » Libcomps » Version: 0.1.1-1
    cpe:2.3:a:rpm:libcomps:0.1.1-1
  • Rpm » Libcomps » Version: 0.1.2
    cpe:2.3:a:rpm:libcomps:0.1.2
  • Rpm » Libcomps » Version: 0.1.3
    cpe:2.3:a:rpm:libcomps:0.1.3
  • Rpm » Libcomps » Version: 0.1.4
    cpe:2.3:a:rpm:libcomps:0.1.4
  • Rpm » Libcomps » Version: 0.1.4-4
    cpe:2.3:a:rpm:libcomps:0.1.4-4
  • Rpm » Libcomps » Version: 0.1.5
    cpe:2.3:a:rpm:libcomps:0.1.5
  • Rpm » Libcomps » Version: 0.1.6
    cpe:2.3:a:rpm:libcomps:0.1.6
  • Rpm » Libcomps » Version: 0.1.7
    cpe:2.3:a:rpm:libcomps:0.1.7
  • Rpm » Libcomps » Version: 0.1.8
    cpe:2.3:a:rpm:libcomps:0.1.8
  • Rpm » Libcomps » Version: 0.1.9
    cpe:2.3:a:rpm:libcomps:0.1.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved