CVE-2010-2490 — Improper Input Validation in Mumble

Severity

6.5MEDIUMNVD

EPSS

0.5%

top 34.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 31

Latest updateApr 21

Description

Mumble: murmur-server has DoS due to malformed client query

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

▶debiandebian/mumble< mumble 1.2.2-4 (bookworm)

▶Debianmumble/mumble< 1.2.2-4+3

Also affects: Debian Linux 10.0, 8.0, 9.0

GHSA

GHSA-288f-gh2h-9j8q: Mumble: murmur-server has DoS due to malformed client query↗2022-04-21

▶

OSV

CVE-2010-2490: Mumble: murmur-server has DoS due to malformed client query↗2019-10-31

▶

Debian

CVE-2010-2490: mumble - Mumble: murmur-server has DoS due to malformed client query↗2010

▶

Bugzilla

CVE-2010-2490 Mumble: Remotely exploitable DoS (murmur server termination) due QueryUsers Qt SQLite database bug [fedora-all]↗2011-03-28

▶

Bugzilla

CVE-2010-2490 Mumble: Remotely exploitable DoS (murmur server termination) due QueryUsers Qt SQLite database bug↗2010-07-02

▶