CVE-2017-7456
published 2017-04-14CVE-2017-7456: Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
PriorityP353high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EXPLOIT
EPSS
29.29%
97.9th percentile
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | mxview | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-823x-2crf-qhp9: Moxa MXView 2
ghsa_unreviewed·2022-05-17
CVE-2017-7456 [HIGH] CWE-20 GHSA-823x-2crf-qhp9: Moxa MXView 2
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
Red Hat
libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service
vendor_redhat·2018-02-24·CVSS 6.5
CVE-2018-7456 [MEDIUM] CWE-476 libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service
libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)
Package: libtiff (Red Hat Enterprise Linux 5) - Will not fix
Package: libtiff (Red Hat Enterprise Linux 6) - Will not fix
Package: libtiff (Red Hat Enterprise Linux 8) - Not affected
No detection rules found.
http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-DENIAL-OF-SERVICE.txthttp://seclists.org/fulldisclosure/2017/Apr/50https://www.exploit-db.com/exploits/41851/http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-DENIAL-OF-SERVICE.txthttp://seclists.org/fulldisclosure/2017/Apr/50https://www.exploit-db.com/exploits/41851/
2017-04-14
Published