CVE-2019-19796

{"id": "CVE-2019-19796", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-12-13T22:15:11.497", "references": [{"url": "https://github.com/marcIhm/yabasic/issues/37", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file."}, {"lang": "es", "value": "Yabasic versi\u00f3n 2.86.2, tiene un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n myformat en el archivo function.c por medio de un archivo fuente BASIC especialmente dise\u00f1ado."}], "lastModified": "2019-12-17T14:25:48.307", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:yabasic:yabasic:2.86.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD965673-7B4A-40E1-BEF2-D1CB8DCDF35F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}