The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.
Max CVSS
9.6
EPSS Score
0.21%
Published
2023-10-12
Updated
2023-10-17
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-07-13
Updated
2023-08-22
The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix Server before 1.6.8 allows remote attackers to cause a denial of service (crash) via a request that lacks expected separators, which triggers a NULL pointer dereference, as demonstrated using the Command keyword.
Max CVSS
5.0
EPSS Score
0.26%
Published
2009-12-31
Updated
2010-01-01
The process_trap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service (crash) via a crafted request with data that lacks an expected : (colon) separator, which triggers a NULL pointer dereference.
Max CVSS
5.0
EPSS Score
0.23%
Published
2009-12-31
Updated
2010-01-12
Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."
Max CVSS
10.0
EPSS Score
0.53%
Published
2007-01-31
Updated
2017-07-29
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!