CVE-2017-5240

Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component. A malicious or malformed Flash source file can cause a denial of service condition when parsed by this component, causing the application to crash.
References
Link Resource
https://community.rapid7.com/docs/DOC-3631 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:rapid7:appspider_pro:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-05-03 16:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-5240

Mitre link : CVE-2017-5240

CVE.ORG link : CVE-2017-5240


JSON object : View

Products Affected

rapid7

  • appspider_pro
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer