CVE-2018-12174

CWE-787 — Out-of-bounds Write4 documents4 sources

Severity

7.8HIGH

EPSS

0.1%

top 75.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Corporation Intel Parallel Studio XE 2018 Intel Parallel Studio XE

Timeline

PublishedNov 14

Latest updateMay 13

Description

Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5intel_corporation/intel_parallel_studio_xe_2018Update 3 and before

▶NVDintel/parallel_studio_xe2018

🔴Vulnerability Details

GHSA

GHSA-6xr6-q2pv-2hcf: Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privilege↗2022-05-13

▶

CVEList

CVE-2018-12174: Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privilege↗2018-11-14

▶