7.5

CVE-2016-7972

The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.

Data is provided by the National Vulnerability Database (NVD)
OpensuseLeap Version42.1
OpensuseOpensuse Version13.2
FedoraprojectFedora Version23
FedoraprojectFedora Version24
FedoraprojectFedora Version25
Libass ProjectLibass Version <= 0.13.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.34% 0.843
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
http://www.openwall.com/lists/oss-security/2016/10/05/2
Patch
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/93358
Third Party Advisory
VDB Entry
https://github.com/libass/libass/releases/tag/0.13.4
Patch
Third Party Advisory
Release Notes
https://security.gentoo.org/glsa/201702-25
Patch
Third Party Advisory
VDB Entry