CVE-2016-10195 in libeventinfo

Summary

The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

02/01/2017

Disclosure

03/15/2017

Moderation

VulDB entry created

Entries

VDB-98128 (1)

CPE

ready

CWE

CWE-125 (Confirmed)

CVSS

8.5

EPSS

0.05932

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10195
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10195
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10195/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!