Lucene search

[email protected]CVE-2018-0429

HistoryAug 09, 2018 - 8:29 p.m.

CVE-2018-0429

2018-08-0920:29:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2018-0429

cisco thor

buffer overflow

denial of service

segmentation fault

arbitrary code

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Stack-based buffer overflow in the Cisco Thor decoder before commit 18de8f9f0762c3a542b1122589edb8af859d9813 allows local users to cause a denial of service (segmentation fault) and execute arbitrary code via a crafted non-conformant Thor bitstream.

Affected configurations

NVD

Node

ciscothor_video_codecRange<2018-8-8

CPENameOperatorVersion
cisco:thor_video_codeccisco thor video codeclt2018-8-8

CPE	Name	Operator	Version
cisco:thor_video_codec	cisco thor video codec	lt	2018-8-8

References

www.securityfocus.com/bid/105059

github.com/cisco/thor/commit/18de8f9f0762c3a542b1122589edb8af859d9813

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2018-0429

cvelist1 nvd1 prion1 osv1