Vulnerability Details : CVE-2016-10196
Potential exploit
Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.
Vulnerability category: OverflowMemory CorruptionDenial of service
Products affected by CVE-2016-10196
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:52.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
- cpe:2.3:a:libevent_project:libevent:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-10196
1.54%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 80 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-10196
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-10196
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-10196
-
http://www.securitytracker.com/id/1038320
Mozilla Firefox Multiple Bugs Let Remote Users Bypass Security Restrictions, Spoof URLs, Obtain Potentially Sensitive Information, Deny Service, and Execute Arbitrary Code - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2017:1104
RHSA-2017:1104 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.mozilla.org/security/advisories/mfsa2017-12/
Security vulnerabilities fixed in Firefox ESR 52.1 — MozillaThird Party Advisory
-
https://www.mozilla.org/security/advisories/mfsa2017-11/
Security vulnerabilities fixed in Firefox ESR 45.9 — MozillaThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:1201
RHSA-2017:1201 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://github.com/libevent/libevent/blob/release-2.1.6-beta/ChangeLog
libevent/ChangeLog at release-2.1.6-beta · libevent/libevent · GitHubRelease Notes;Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1343453
1343453 - (CVE-2017-5437) 3 public security flaws in libevent, which may affect mozilla productsIssue Tracking;Third Party Advisory
-
http://www.debian.org/security/2017/dsa-3789
Debian -- Security Information -- DSA-3789-1 libeventThird Party Advisory
-
https://github.com/libevent/libevent/commit/329acc18a0768c21ba22522f01a5c7f46cacc4d5
evutil_parse_sockaddr_port(): fix buffer overflow · libevent/libevent@329acc1 · GitHubPatch;Third Party Advisory
-
https://www.mozilla.org/security/advisories/mfsa2017-13/
Security vulnerabilities fixed in Thunderbird 52.1 — MozillaThird Party Advisory
-
http://www.securityfocus.com/bid/96014
libevent Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
-
https://www.mozilla.org/security/advisories/mfsa2017-10/
Security vulnerabilities fixed in Firefox 53 — MozillaThird Party Advisory
-
https://security.gentoo.org/glsa/201705-01
libevent: Multiple vulnerabilities (GLSA 201705-01) — Gentoo securityThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:1106
RHSA-2017:1106 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2017/01/31/17
oss-security - Bugs fixed in libevent 2.1.6Mailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2017/02/02/7
oss-security - Re: Bugs fixed in libevent 2.1.6Mailing List;Third Party Advisory
-
https://github.com/libevent/libevent/issues/318
libevent (stack) buffer overflow in evutil_parse_sockaddr_port() · Issue #318 · libevent/libevent · GitHubExploit;Issue Tracking;Third Party Advisory
Jump to