Published: 13/03/2019 Updated: 02/11/2021

CVSS v2 Base Score: 5.8 | Impact Score: 6.4 | Exploitability Score: 6.5

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P

gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote malicious users to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gpsd project gpsd
microjson project microjson
debian debian linux 8.0
debian debian linux 9.0

Debian Bug report logs - #925327 gpsd: CVE-2018-17937 Package: src:gpsd; Maintainer for src:gpsd is Bernd Zeimetz <bzed@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 23 Mar 2019 08:09:01 UTC Severity: grave Tags: security, upstream Found in versions gpsd/316-4, gpsd/317-5 Fixed in v ...

CWE-121 https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01 http://www.securityfocus.com/bid/107029 https://lists.debian.org/debian-lts-announce/2019/03/msg00040.html https://security.gentoo.org/glsa/202009-17 https://lists.debian.org/debian-lts-announce/2021/10/msg00024.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925327 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-17937

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect