CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12472
https://notcve.org/view.php?id=CVE-2017-12472
ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging missing NULL pointer checks after ccnl_malloc. ccnl-ext-mgmt.c en CCN-lite, en versiones anteriores a la 2.00, permite que atacantes dependientes del contexto provoquen un impacto sin especificar aprovechando la falta de comprobaciones de puntero NULL tras ccnl_malloc. • https://github.com/cn-uofbasel/ccn-lite/issues/138 https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12466
https://notcve.org/view.php?id=CVE-2017-12466
CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors related to ssl_halen when running ccn-lite-sim, which trigger an out-of-bounds access. CCN-lite, en versiones anteriores a la 2.00, permite que atacantes dependientes del contexto tengan un impacto sin especificar mediante vectores relacionados con ssl_halen al ejecutar ccn-lite-sim, lo que desencadena un acceso fuera de límites. • https://github.com/cn-uofbasel/ccn-lite/issues/132 https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12465
https://notcve.org/view.php?id=CVE-2017-12465
Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have unspecified impact via vectors involving the (1) vallen variable in the iottlv_parse_sequence function or (2) typ, vallen and i variables in the localrpc_parse function. Múltiples desbordamientos de enteros en CCN-lite, en versiones anteriores a la 2.00, permiten que atacantes dependientes del contexto provoquen un impacto sin especificar mediante vectores relacionados con (1) la variable vallen en la función iottlv_parse_sequence o (2) las variables typ, vallen e i en la función localrpc_parse. • https://github.com/cn-uofbasel/ccn-lite/issues/131 https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12412
https://notcve.org/view.php?id=CVE-2017-12412
ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow. ccn-lite-ccnb2xml en CCN-lite, en versiones anteriores a la 2.0.0, permite que atacantes dependientes del contexto provoquen un impacto sin especificar mediante un archivo manipulado, lo que desencadena una recursión infinita y un desbordamiento de pila. • https://github.com/cn-uofbasel/ccn-lite/issues/128 https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12471
https://notcve.org/view.php?id=CVE-2017-12471
The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function. La función cnb_parse_lev en CCN-lite, en versiones anteriores a la 2.00, permite que atacantes dependientes del contexto provoquen un impacto sin especificar aprovechando el error a la hora de comprobar condiciones fuera de límites, lo que desencadena una lectura inválida en la función hexdump. • https://github.com/cn-uofbasel/ccn-lite/issues/137 https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •