CVE-2011-5280Improper Restriction of Operations within the Bounds of a Memory Buffer in Boinc

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 30.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Universityofcalifornia Boinc ClientDebian Boinc
Timeline
PublishedJun 2
Latest updateMay 17

Description

Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service (crash) via a long trickle-up to (1) client/cs_trickle.cpp or (2) db/db_base.cpp.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

Debianuniversityofcalifornia/boinc_client< 7.0.2+dfsg-1+3
debiandebian/boinc< boinc 7.0.2+dfsg-1 (bookworm)

🔴Vulnerability Details

2
GHSA
GHSA-x4mx-r8f8-rwrf: Multiple stack-based buffer overflows in BOINC 62022-05-17
OSV
CVE-2011-5280: Multiple stack-based buffer overflows in BOINC 62014-06-02

📋Vendor Advisories

1
Debian
CVE-2011-5280: boinc - Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to ...2011