CVE-2017-13743
liblouis: Buffer overflow in the function _lou_showString()
Public Exploits: 0
Descriptions
There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack.
Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille.
Security Fix: Multiple flaws were found in the processing of translation tables in liblouis. An attacker could crash or potentially execute arbitrary code using malicious translation tables.
Timeline
- 2017-08-29 CVE Reserved
- 2017-08-29 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
References (5)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/100607 | Vdb Entry | |
https://bugzilla.redhat.com/show_bug.cgi?id=1484335 | Issue Tracking | |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2017:3111 | 2017-12-02 | |
https://access.redhat.com/security/cve/CVE-2017-13743 | 2017-11-02 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1488942 | 2017-11-02 | |