CVE-2017-15922

CWE-125 — Out-of-bounds Read7 documents7 sources
Severity
5.5MEDIUM
EPSS
0.2%
top 60.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Libextractor
Timeline
PublishedOct 26
Latest updateMay 14

Description

In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

â–¶Debianlibextractor< 1:1.6-2+3
â–¶NVDgnu/libextractor1.4

🔴Vulnerability Details

3
GHSA
GHSA-9r4w-4465-whwv: In GNU Libextractor 1↗2022-05-14
â–¶
CVEList
CVE-2017-15922: In GNU Libextractor 1↗2017-10-26
â–¶
OSV
CVE-2017-15922: In GNU Libextractor 1↗2017-10-26
â–¶

📋Vendor Advisories

2
Ubuntu
libextractor vulnerabilities↗2020-11-23
â–¶
Debian
CVE-2017-15922: libextractor - In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_ext...↗2017
â–¶

💬Community

1
Bugzilla
CVE-2017-15922 libextractor: Out of bounds read in the EXTRACTOR_dvi_extract_method function↗2017-11-20
â–¶
CVE-2017-15922 (MEDIUM CVSS 5.5) | In GNU Libextractor 1.4 | cvebase.io