Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2017
CVE-2016-7969
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
CVSS Score
7.5
EPSS Score
0.053
Published
2017-03-03
CVE-2016-7970
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.012
Published
2017-03-03
CVE-2016-7972
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.023
Published
2017-03-03
CVE-2017-5616
Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-03-03
CVE-2017-5830
Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts.
CVSS Score
9.8
EPSS Score
0.037
Published
2017-03-03
CVE-2017-5831
Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1, when setting a new password, allows remote attackers to hijack web sessions via the session ID.
CVSS Score
5.9
EPSS Score
0.002
Published
2017-03-03
CVE-2017-5832
Cross-site scripting (XSS) vulnerability in Revive Adserver before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the user's email address.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-03-03
CVE-2017-5833
Cross-site scripting (XSS) vulnerability in the invocation code generation for interstitial zones in Revive Adserver before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-03-03
CVE-2017-5834
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-03-03
CVE-2017-5835
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
CVSS Score
7.5
EPSS Score
0.007
Published
2017-03-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved