CVE Vulnerability

CVE-2021-32436

An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

Scope

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/leesavide/abcm2ps/commit/2f56e1179cab6affeb8afa9d6c324008fe40d8e3 Patch Third Party Advisory
https://github.com/leesavide/abcm2ps/issues/85 Exploit Issue Tracking
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTF4FXCW22FFB5HNQO3GK3F4FFBLTZKE/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6333SXWMES3K22DBAOAW34G6EU6WIJEY/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVGJH4HMXI3TWMHQJQCG3M7KSXJWJM7R/ Issue Tracking Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/04/msg00015.html Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:abcm2ps_project:abcm2ps:8.14.11:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Information

Published : 2022-03-10 05:42

Updated : 2022-04-25 08:41

NVD link : CVE-2021-32436

Mitre link : CVE-2021-32436

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read