9.8

CVE-2016-9841

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ZlibZlib Version >= 1.2.0 < 1.2.9
OpensuseLeap Version42.1
OpensuseLeap Version42.2
OpensuseOpensuse Version13.2
DebianDebian Linux Version8.0
CanonicalUbuntu Linux Version16.04 SwEditionesm
CanonicalUbuntu Linux Version18.04 SwEditionlts
OracleDatabase Server Version18c
OracleJdk Version1.6.0 Updateupdate161
OracleJdk Version1.7.0 Updateupdate151
OracleJdk Version1.8.0 Updateupdate144
OracleJre Version1.6.0 Updateupdate161
OracleJre Version1.7.0 Updateupdate151
OracleJre Version1.8.0 Updateupdate144
OracleMysql Version >= 5.5.0 <= 5.5.61
OracleMysql Version >= 5.6.0 <= 5.6.41
OracleMysql Version >= 5.7.0 <= 5.7.23
OracleMysql Version >= 8.0.0 <= 8.0.12
RedhatSatellite Version5.8
RedhatEnterprise Linux Eus Version7.4
RedhatEnterprise Linux Eus Version7.5
AppleiPhone OS Version < 11
ApplemacOS X Version >= 10.0.0 < 10.13.0
AppletvOS Version < 11.0
ApplewatchOS Version < 4
NetappActive Iq Unified Manager SwPlatformwindows Version >= 7.3
NetappActive Iq Unified Manager SwPlatformvmware_vsphere Version >= 9.5
NetappCloud Backup Version-
NetappE-series Santricity Management Version- SwPlatformvmware_sra
NetappE-series Santricity Management Version- SwPlatformvmware_vasa
NetappE-series Santricity Management Version- SwPlatformvmware_vcenter
NetappE-series Santricity Os Controller Version >= 11.0.0 <= 11.70.1
NetappE-series Santricity Web Services Version- SwPlatformweb_services_proxy
NetappOncommand Balance Version-
NetappOncommand Insight Version-
NetappOncommand Performance Manager Version- SwPlatformvmware_vsphere
NetappOncommand Shift Version-
NetappOncommand Unified Manager SwPlatformvsphere Version <= 7.1
NetappOncommand Unified Manager SwPlatformwindows Version <= 7.1
NetappOncommand Unified Manager Version- SwPlatform7-mode
NetappSnapmanager Version- SwPlatformoracle
NetappSnapmanager Version- SwPlatformsap
NetappSolidfire Version-
NetappStorage Replication Adapter For Clustered Data Ontap Version- SwPlatformvmware_vsphere
NetappSymantec Netbackup Version-
NetappVirtual Storage Console Version- SwPlatformvmware_vsphere
NetappHci Storage Node Version-
NodejsNode.Js SwEdition- Version >= 4.0.0 <= 4.1.2
NodejsNode.Js SwEditionlts Version >= 4.2.0 < 4.8.2
NodejsNode.Js SwEdition- Version >= 6.0.0 <= 6.8.1
NodejsNode.Js SwEditionlts Version >= 6.9.0 < 6.10.2
NodejsNode.Js SwEdition- Version >= 7.0.0 < 7.6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.49% 0.937
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com/security-alerts/cpujul2020.html
http://www.securitytracker.com/id/1039427
https://support.apple.com/HT208112
https://support.apple.com/HT208113
https://support.apple.com/HT208115
https://support.apple.com/HT208144
http://www.securitytracker.com/id/1039596
https://access.redhat.com/errata/RHSA-2017:2999
https://access.redhat.com/errata/RHSA-2017:3046
https://access.redhat.com/errata/RHSA-2017:3453
https://security.netapp.com/advisory/ntap-20171019-0001/
https://access.redhat.com/errata/RHSA-2017:1220
https://access.redhat.com/errata/RHSA-2017:1221
https://access.redhat.com/errata/RHSA-2017:1222
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html
http://www.openwall.com/lists/oss-security/2016/12/05/21
http://www.securityfocus.com/bid/95131
https://access.redhat.com/errata/RHSA-2017:3047
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html
https://security.gentoo.org/glsa/201701-56
https://security.gentoo.org/glsa/202007-54
https://usn.ubuntu.com/4246-1/
https://usn.ubuntu.com/4292-1/
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=1402346
https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb