9.8

CVE-2016-8606

The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuGuile Version2.0.12
FedoraprojectFedora Version23
FedoraprojectFedora Version24
FedoraprojectFedora Version25
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.56
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www.openwall.com/lists/oss-security/2016/10/12/2
Patch
Third Party Advisory
Issue Tracking
http://www.securityfocus.com/bid/93514
Third Party Advisory
VDB Entry