CVE-2017-12865
published 2017-08-29CVE-2017-12865: Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| connman | connman | >= 0 < 1.35-1 | 1.35-1 |
| connman | connman | >= 0 < 1.35-1 | 1.35-1 |
| connman | connman | >= 0 < 1.35-1 | 1.35-1 |
| connman | connman | >= 0 < 1.35-1 | 1.35-1 |
| debian | connman | < connman 1.35-1 (bookworm) | connman 1.35-1 (bookworm) |
| debian | debian_linux | — | — |
| intel | connman | <= 1.34 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL