6.5
CVE-2019-14249
- EPSS 2.73%
- Veröffentlicht 24.07.2019 04:15:12
- Zuletzt bearbeitet 21.11.2024 04:26:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Libdwarf Project ≫ Libdwarf Version < 2019-07-05
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.73% | 0.842 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-369 Divide By Zero
The product divides a value by zero.
http://www.securityfocus.com/bid/109380
https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599
https://sourceforge.net/p/libdwarf/code/merge-requests/4/