CVE-2017-15256

{"id": "CVE-2017-15256", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-10-11T18:29:04.270", "references": [{"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15256", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15256", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to \"Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x0000000000019fc8.\""}, {"lang": "es", "value": "IrfanView 4.44 (32bit), con la versi\u00f3n del plugin PDF 4.43, permite que los atacantes provoquen una denegaci\u00f3n de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .pdf manipulado. Esta vulnerabilidad est\u00e1 relacionada con \"Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x0000000000019fc8\"."}], "lastModified": "2024-11-21T03:14:19.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:irfanview:pdf:4.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF85102B-9D56-470B-B839-76F96598F85E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "88778CE0-192D-42EA-8644-9BF65D383A7C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}