nvd-json-data-feeds/CVE-2017/CVE-2017-10xx/CVE-2017-1084.json

{
  "id": "CVE-2017-1084",
  "sourceIdentifier": "secteam@freebsd.org",
  "published": "2018-09-12T14:29:00.547",
  "lastModified": "2018-11-23T17:18:59.550",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written process could be cause a stack overflow."
    },
    {
      "lang": "es",
      "value": "En FreeBSD en versiones anteriores a la 11.2-RELEASE, m\u00faltiples problemas con la implementaci\u00f3n de la p\u00e1gina guard de la pila reducen las protecciones de la p\u00e1gina guard. Esto resulta en la posibilidad de que un proceso mal escrito provoque un desbordamiento de pila."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "11.2",
              "matchCriteriaId": "B7354D16-6431-43C2-97BA-EBBF482572C9"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.exploit-db.com/exploits/42277/",
      "source": "secteam@freebsd.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://www.exploit-db.com/exploits/42278/",
      "source": "secteam@freebsd.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
      "source": "secteam@freebsd.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ]
    }
  ]
}