Published: 02/03/2017 Updated: 15/10/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
radare radare2 1.2.1

Debian Bug report logs - #856574 radare2: CVE-2017-6387 Package: src:radare2; Maintainer for src:radare2 is Debian Security Tools <team+pkg-security@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 2 Mar 2017 16:09:02 UTC Severity: important Tags: patch, security, upstream Found ...

Debian Bug report logs - #856579 radare2: CVE-2017-6319 Package: src:radare2; Maintainer for src:radare2 is Debian Security Tools <team+pkg-security@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 2 Mar 2017 16:45:02 UTC Severity: important Tags: patch, security, upstream Found ...

Debian Bug report logs - #856572 radare2: CVE-2017-6415 Package: src:radare2; Maintainer for src:radare2 is Debian Security Tools <team+pkg-security@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 2 Mar 2017 15:54:01 UTC Severity: important Tags: patch, security, upstream Found ...

CWE-476 https://github.com/radare/radare2/issues/6872 http://www.securityfocus.com/bid/96523 https://github.com/radareorg/radare2/commit/68338b71a563b24e62617bb629059adc0c94b230 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856574

CVE-2017-6415

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect