CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2311
https://notcve.org/view.php?id=CVE-2015-2311
Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message. Un desbordamiento de enteros en Sandstorm Cap'n Proto en versiones anteriores a la 0.4.1.1 y en versiones 0.5.x anteriores a la 0.5.1.1 podría permitir que pares remotos provoquen una denegación de servicio o que, posiblemente, obtengan información sensible de la memoria o que ejecuten código arbitrario mediante un mensaje manipulado. • http://www.openwall.com/lists/oss-security/2015/03/17/3 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780566 https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-1-c%2B%2B-integer-underflow.md https://github.com/capnproto/capnproto/commit/26bcceda72372211063d62aab7e45665faa83633 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7892
https://notcve.org/view.php?id=CVE-2017-7892
Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a bounds check in such calculations is Apple LLVM version 8.1.0 (clang-802.0.41). The attack vector is a crafted far pointer within a message. Sandstorm Cap'n Proto en versiones anteriores a 0.5.3.1 permite bloqueos a distancia relacionados con una optimización del compilador. • https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md • CWE-20: Improper Input Validation •