CVE-2016-10196 in libeventinfo

Summary

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

02/01/2017

Disclosure

03/15/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

7.9

EPSS

0.00747

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10196
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10196
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10196/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!