Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-23457

Published: 12/01/2023 Updated: 19/04/2024
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

upx project upx

fedoraproject fedora 36

fedoraproject fedora 37

Vendor Advisories

Debian CVElist Bug Report Logs: upx-ucl: CVE-2023-23457
Debian Bug report logs - #1031874 upx-ucl: CVE-2023-23457 Package: src:upx-ucl; Maintainer for src:upx-ucl is Robert Luberda <robert@debianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Fri, 24 Feb 2023 16:09:01 UTC Severity: grave Tags: security, upstream Forwarded to githubcom/upx/upx/is ...

References

CWE-119https://bugzilla.redhat.com/show_bug.cgi?id=2160382https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860https://github.com/upx/upx/issues/631https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031874https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316SQL injectiontype confusionCVE-2024-20697CVE-2024-4344localCVE-2024-30043CVE-2024-3821CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook