4.7
CVE-2017-12618
- EPSS 0.16%
- Veröffentlicht 24.10.2017 01:29:02
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle security@apache.org
- CVE-Watchlists
- Unerledigt
LoginApache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apache ≫ Portable Runtime Utility Version0.9.1
Apache ≫ Portable Runtime Utility Version0.9.2
Apache ≫ Portable Runtime Utility Version0.9.3
Apache ≫ Portable Runtime Utility Version0.9.4
Apache ≫ Portable Runtime Utility Version0.9.5
Apache ≫ Portable Runtime Utility Version0.9.6
Apache ≫ Portable Runtime Utility Version0.9.7
Apache ≫ Portable Runtime Utility Version0.9.9
Apache ≫ Portable Runtime Utility Version0.9.10
Apache ≫ Portable Runtime Utility Version0.9.11
Apache ≫ Portable Runtime Utility Version0.9.12
Apache ≫ Portable Runtime Utility Version0.9.13
Apache ≫ Portable Runtime Utility Version0.9.14
Apache ≫ Portable Runtime Utility Version0.9.15
Apache ≫ Portable Runtime Utility Version0.9.16
Apache ≫ Portable Runtime Utility Version0.9.17
Apache ≫ Portable Runtime Utility Version0.9.18
Apache ≫ Portable Runtime Utility Version0.9.19
Apache ≫ Portable Runtime Utility Version0.9.20
Apache ≫ Portable Runtime Utility Version1.0.0
Apache ≫ Portable Runtime Utility Version1.0.1
Apache ≫ Portable Runtime Utility Version1.0.2
Apache ≫ Portable Runtime Utility Version1.1.0
Apache ≫ Portable Runtime Utility Version1.1.1
Apache ≫ Portable Runtime Utility Version1.1.2
Apache ≫ Portable Runtime Utility Version1.2.1
Apache ≫ Portable Runtime Utility Version1.2.2
Apache ≫ Portable Runtime Utility Version1.2.6
Apache ≫ Portable Runtime Utility Version1.2.7
Apache ≫ Portable Runtime Utility Version1.2.8
Apache ≫ Portable Runtime Utility Version1.2.9
Apache ≫ Portable Runtime Utility Version1.2.10
Apache ≫ Portable Runtime Utility Version1.2.12
Apache ≫ Portable Runtime Utility Version1.2.13
Apache ≫ Portable Runtime Utility Version1.3.0
Apache ≫ Portable Runtime Utility Version1.3.1
Apache ≫ Portable Runtime Utility Version1.3.2
Apache ≫ Portable Runtime Utility Version1.3.3
Apache ≫ Portable Runtime Utility Version1.3.4
Apache ≫ Portable Runtime Utility Version1.3.5
Apache ≫ Portable Runtime Utility Version1.3.6
Apache ≫ Portable Runtime Utility Version1.3.7
Apache ≫ Portable Runtime Utility Version1.3.8
Apache ≫ Portable Runtime Utility Version1.3.9
Apache ≫ Portable Runtime Utility Version1.3.10
Apache ≫ Portable Runtime Utility Version1.3.11
Apache ≫ Portable Runtime Utility Version1.3.12
Apache ≫ Portable Runtime Utility Version1.3.13
Apache ≫ Portable Runtime Utility Version1.4.0
Apache ≫ Portable Runtime Utility Version1.4.1
Apache ≫ Portable Runtime Utility Version1.4.2
Apache ≫ Portable Runtime Utility Version1.4.3
Apache ≫ Portable Runtime Utility Version1.5.0
Apache ≫ Portable Runtime Utility Version1.5.1
Apache ≫ Portable Runtime Utility Version1.5.2
Apache ≫ Portable Runtime Utility Version1.5.3
Apache ≫ Portable Runtime Utility Version1.5.4
Apache ≫ Portable Runtime Utility Version1.5.5
Apache ≫ Portable Runtime Utility Version1.6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.38 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 1 | 3.6 |
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:N/I:N/A:P
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.