5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
7.7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.0%
Software: hivex 1.3.10
OS: Cobalt 7.9
CVE-ID: CVE-2014-9273
CVE-Crit: HIGH
CVE-DESC: lib / handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges using small bush files, which triggers reads or writes outside the allowed range.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2021-3504
CVE-Crit: HIGH
CVE-DESC: A bug was found in the hivex library in versions before 1.3.20. This is caused by a lack of bounds checking in the hivex_open function. An attacker could inject a specially crafted Windows registry file (hive) that would cause hivex to read memory outside its normal bounds or cause the program to crash. The biggest threat from this vulnerability is to system availability.
CVE-STATUS: default
CVE-REV: default
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
7.7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.0%