Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2015-5309

Published: 07/12/2015 Updated: 30/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Leap

Vulnerability Summary

Integer overflow in the terminal emulator in PuTTY prior to 0.66 allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow.

Vulnerable Product Search on Vulmon Subscribe to Product

opensuse leap 42.1

opensuse opensuse 13.1

opensuse opensuse 13.2

simon tatham putty

References

CWE-189http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.htmlhttp://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.htmlhttps://security.gentoo.org/glsa/201606-01http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.htmlhttp://www.debian.org/security/2015/dsa-3409http://www.securitytracker.com/id/1034308https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook