CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-46052

Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c via a long init_mode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.3%

CVSS Severity

CVSS v3 Score 7.1

References

http://seclists.org/fulldisclosure/2024/Jan/69
https://gitlab.com/sane-project/backends/-/issues/709
http://packetstormsecurity.com/files/176823/sane-1.2.1-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2024/Jan/69
https://gitlab.com/sane-project/backends/-/issues/709

Products affected by CVE-2023-46052

Sane-Project » Sane Backends » Version: N/A

cpe:2.3:h:sane-project:sane_backends:-
Sane-Project » Sane Backends » Version: 1.2.1

cpe:2.3:o:sane-project:sane_backends:1.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-46052

Products

Pricing

Contact Us