CVE-2018-17292

{"id": "CVE-2018-17292", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2018-09-21T07:29:00.287", "references": [{"url": "https://github.com/WAVM/WAVM/commit/2de6cf70c5ef31e22ed119a25ac2daeefd3d18a1", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/WAVM/WAVM/issues/109", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than 4 bytes."}, {"lang": "es", "value": "Se ha descubierto un problema en WAVM en versiones anteriores al 16/09/2018. La funci\u00f3n loadModule en Include/Inline/CLI.h carece de comprobaciones de la longitud de los archivos antes de que se haga una comparaci\u00f3n m\u00e1gica de archivos, permitiendo que los atacantes provoquen una denegaci\u00f3n de servicio (cierre inesperado de la aplicaci\u00f3n causado por una lectura fuera de l\u00edmites) creando un archivo que ocupe menos de 4 bytes."}], "lastModified": "2018-11-21T18:24:25.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:webassembly_virtual_machine_project:webassembly_virtual_machine:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8DB01B9-1E08-4736-B665-9DD40423C024", "versionEndExcluding": "2018-09-16"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}