{
"id": "CVE-2021-44847",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-13T01:15:07.730",
"lastModified": "2022-02-08T18:55:06.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n handle_request en el archivo DHT.c en toxcore versiones 0.1.9 hasta 0.1.11 y 0.2.0 hasta 0.2.12, (causado por un c\u00e1lculo inapropiado de la longitud durante el manejo de los paquetes de red recibidos) permite a atacantes remotos bloquear el proceso o ejecutar potencialmente c\u00f3digo arbitrario por medio de un paquete de red"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:toktok:toxcore:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.1.9",
"versionEndIncluding": "0.1.11",
"matchCriteriaId": "9F951E6A-92B6-4D08-974C-E469CBEBC5A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:toktok:toxcore:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.2.0",
"versionEndIncluding": "0.2.12",
"matchCriteriaId": "26425E31-7304-4963-AD7B-99F54D9BBBBF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/TokTok/c-toxcore/pull/1718",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S7EBS3NIRYJ7V3PTNINP3PJSVUHGZTGA/",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLTKINSPO5T65LB3ZASDPCREKUE22RYE/",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}