Vulnerability Details : CVE-2016-4303
Potential exploit
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.
Vulnerability category: Overflow, Execute code, Denial of service
Products affected by CVE-2016-4303
- cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
- cpe:2.3:a:es:iperf3:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4303
- EPSS score: 2.54% (probability of exploitation activity in the next 30 days)
- Percentile: ~90% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2016-4303
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
CWE ids for CVE-2016-4303
- The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4303
- http://www.talosintelligence.com/reports/TALOS-2016-0164/
  TALOS-2016-0164 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence (Exploit; Third Party Advisory)
- https://github.com/esnet/iperf/commit/91f2fa59e8ed80dfbf400add0164ee0e508e412a
  Fix a buffer overflow / heap corruption issue that could occur if a · esnet/iperf@91f2fa5 · GitHub (Patch; Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2020/01/msg00023.html
  [SECURITY] [DLA 2080-1] iperf3 security update (Mailing List; Third Party Advisory)
- http://lists.opensuse.org/opensuse-updates/2016-08/msg00090.html
  openSUSE-SU-2016:2121-1: moderate: Security update for iperf (Mailing List; Third Party Advisory)
- http://blog.talosintel.com/2016/06/esnet-vulnerability.html
  Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Vulnerability Spotlight: ESnet iPerf3 JSON parse_string UTF Code Execution Vulnerability (Exploit; Third Party Advisory)
- http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released
  iperf3 Project News — iperf3 3.7 documentation (Release Notes; Third Party Advisory)
- http://lists.opensuse.org/opensuse-updates/2016-08/msg00082.html
  openSUSE-SU-2016:2113-1: moderate: Security update for iperf (Mailing List; Third Party Advisory)
- https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc
  (Third Party Advisory)