CVE-2019-1010232

CWE-787 — Out-of-bounds Write CWE-119 — Buffer Overflow4 documents4 sources

Severity

6.5MEDIUM

EPSS

0.3%

top 51.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Juniper/libslax Juniper Libslax

Timeline

PublishedJul 22

Latest updateMay 24

Description

Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. The impact is: remote dos. The component is: slaxlexer.c:601(funtion:slaxGetInput). The attack vector is: ./slaxproc --slax-to-xslt POC0.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDjuniper/libslax0.22.0

▶CVEListV5juniper/juniper/libslax2018), libslax (commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1+1

🔴Vulnerability Details

GHSA

GHSA-29hm-w98f-87q2: Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer O↗2022-05-24

▶

CVEList

CVE-2019-1010232: Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer O↗2019-07-22

▶

📋Vendor Advisories

Juniper

CVE-2019-1010232: Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer O↗2019-07-22

▶