CVE-2018-8050

{"id": "CVE-2018-8050", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2018-03-11T06:29:00.207", "references": [{"url": "https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) through 3.7.16 allows remote attackers to cause a denial of service (segmentation fault) via a corrupt AFF image that triggers an unexpected pagesize value."}, {"lang": "es", "value": "La funci\u00f3n af_get_page() en lib/afflib_pages.cpp en AFFLIB (tambi\u00e9n conocido como AFFLIBv3), hasta la versi\u00f3n 3.7.16, permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) mediante una imagen AFF corrupta que desencadena un valor de tama\u00f1o de p\u00e1gina inesperado."}], "lastModified": "2024-11-21T04:13:11.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:afflib_project:afflib:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F063B481-A66C-4710-95F4-C6E8BC98E25D", "versionEndIncluding": "3.7.16"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}