CVE-2016-7837
published 2017-06-09

CVE-2016-7837: Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.

Priority: P4 · 33 · high · 7.8 CVSS 3.0
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.56% (42.1th percentile)

Affected

9 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bluez | bluez | <= 5.41 | |
| bluez | bluez | >= 0 < 5.43-1 | 5.43-1 |
| bluez | bluez | >= 0 < 5.43-1 | 5.43-1 |
| bluez | bluez | >= 0 < 5.43-1 | 5.43-1 |
| bluez | bluez | >= 0 < 5.43-1 | 5.43-1 |
| bluez | bluez | >= 0 < 5.37-0ubuntu5.3 | 5.37-0ubuntu5.3 |
| bluez | bluez | >= 0 < 5.48-0ubuntu3.4 | 5.48-0ubuntu3.4 |
| bluez_project | bluez | | |
| debian | bluez | < bluez 5.43-1 (bookworm) | bluez 5.43-1 (bookworm) |

CVSS provenance

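| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 4.6 | MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| osv | | 7.8 | HIGH | |
| vendor_debian | | 7.8 | HIGH | |
| vendor_redhat | | 7.8 | HIGH | |
| vendor_ubuntu | | 7.8 | HIGH | |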