36

CVE-2019-3855: out of bounds write in libssh2 before 1.8.1

 5 years ago
source link: https://www.tuicool.com/articles/hit/UjMZvui
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Impact

CVSS v3.0 Severity and Metrics:

Base Score: 8.8 HIGH Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ( V3 legend ) Impact Score: 5.9 Exploitability Score: 2.8

Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required Scope (S): Unchanged Confidentiality (C): High Integrity (I): High Availability (A): High

CVSS v2.0 Severity and Metrics:

Base Score: 9.3 HIGH Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) ( V2 legend ) Impact Subscore: 10.0 Exploitability Subscore: 8.6

Access Vector (AV): Network Access Complexity (AC): Medium Authentication (AU): None Confidentiality (C): Complete Integrity (I): Complete Availability (A): Complete

Additional Information:

Victim must voluntarily interact with attack mechanism

Allows unauthorized disclosure of information

Allows unauthorized modification

Allows disruption of service


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK