CVE-2017-15255

{"id": "CVE-2017-15255", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-10-11T18:29:04.193", "references": [{"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15255", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a \"Read Access Violation starting at PDF!xmlParserInputRead+0x00000000001601b0.\""}, {"lang": "es", "value": "IrfanView 4.44 (32bit), con la versi\u00f3n del plugin PDF 4.43, permite que los atacantes provoquen una denegaci\u00f3n de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .pdf manipulado. Esta vulnerabilidad est\u00e1 relacionada con \"Read Access Violation starting at PDF!xmlParserInputRead+0x00000000001601b0\"."}], "lastModified": "2017-10-24T14:54:00.287", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:irfanview:pdf:4.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF85102B-9D56-470B-B839-76F96598F85E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:x86:*", "vulnerable": false, "matchCriteriaId": "88778CE0-192D-42EA-8644-9BF65D383A7C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:irfanview:pdf:4.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF85102B-9D56-470B-B839-76F96598F85E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}