Vulnerability Details : CVE-2013-1769
A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 and 0.17.x before 0.17.3 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted message.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2013-1769
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.16.2:*:*:*:*:*:*:*
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.16.3:*:*:*:*:*:*:*
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.16.4:*:*:*:*:*:*:*
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.17.2:*:*:*:*:*:*:*
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.16.1:*:*:*:*:*:*:*
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.17.1:*:*:*:*:*:*:*
- cpe:2.3:a:simon_mcvittie:telepathy_gabble:0.16.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-1769
0.65%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-1769
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2013-1769
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1769
-
http://lists.opensuse.org/opensuse-updates/2013-03/msg00085.html
openSUSE-SU-2013:0518-1: moderate: telepathy-gabble: fixed a remote deniPatch
-
http://lists.freedesktop.org/archives/telepathy/2013-March/006377.html
[Telepathy] Announce: telepathy-gabble 0.16.5Patch
-
http://www.ubuntu.com/usn/USN-1873-1
USN-1873-1: telepathy-gabble vulnerabilities | Ubuntu security notices
-
http://lists.freedesktop.org/archives/telepathy/2013-March/006378.html
[Telepathy] Announce: telepathy-gabble 0.17.3Patch
Jump to