Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2016-10091

Published: 21/04/2017 Updated: 25/04/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Unrtf Project

Vulnerability Summary

Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote malicious users to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.

Vulnerable Product Search on Vulmon Subscribe to Product

unrtf project unrtf 0.21.9

Vendor Advisories

Debian CVElist Bug Report Logs: unrtf: CVE-2016-10091: stack-based buffer overflows in cmd_* functions
Debian Bug report logs - #849705 unrtf: CVE-2016-10091: stack-based buffer overflows in cmd_* functions Package: unrtf; Maintainer for unrtf is Willi Mann <willi@debianorg>; Source for unrtf is src:unrtf (PTS, buildd, popcon) Reported by: Skylake <skyl@protonmailcom> Date: Fri, 30 Dec 2016 00:57:01 UTC Severity: n ...

References

CWE-119https://bugzilla.redhat.com/show_bug.cgi?id=1409546http://www.securityfocus.com/bid/95173http://www.openwall.com/lists/oss-security/2017/01/01/1http://www.openwall.com/lists/oss-security/2016/12/31/3http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849705https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook