CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-36377

Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.6%

CVSS Severity

CVSS v3 Score 7.8

References

https://github.com/mtrojnar/osslsigncode/compare/2.2...2.3
https://github.com/mtrojnar/osslsigncode/releases/tag/2.3
https://lists.debian.org/debian-lts-announce/2023/12/msg00016.html
https://github.com/mtrojnar/osslsigncode/compare/2.2...2.3
https://github.com/mtrojnar/osslsigncode/releases/tag/2.3
https://lists.debian.org/debian-lts-announce/2023/12/msg00016.html

Products affected by CVE-2023-36377

Osslsigncode Project » Osslsigncode » Version: 2.3

cpe:2.3:a:osslsigncode_project:osslsigncode:2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-36377

Products

Pricing

Contact Us