CVE-2018-10195

Sažetak

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

Reference

https://lists.suse.com/pipermail/sle-security-updates/2018-April/003955.html?_ga=2.81625751.1026327980.1622040648-1950393542.1547130931
https://lists.suse.com/pipermail/sle-security-updates/2018-April/003956.html?_ga=2.81625751.1026327980.1622040648-1950393542.1547130931
http://www.ohse.de/uwe/software/lrzsz.html
https://bugzilla.redhat.com/show_bug.cgi?id=1572058
https://lists.debian.org/debian-lts-announce/2022/01/msg00027.html

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:P

Zadnje važnije ažuriranje

21-02-2022 - 04:59

Objavljeno

02-06-2021 - 14:15