ID CVE-2017-17440
Summary GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:libextractor:1.6
    cpe:2.3:a:gnu:libextractor:1.6
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-354B9647BA.NASL
    description Patch for CVE-2017-17440 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-02
    modified 2018-02-01
    plugin id 105854
    published 2018-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105854
    title Fedora 27 : libextractor (2017-354b9647ba)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-0F3270406C.NASL
    description Patch for CVE-2017-17440 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-02
    modified 2018-02-01
    plugin id 105380
    published 2017-12-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105380
    title Fedora 26 : libextractor (2017-0f3270406c)
refmap via4
bid 102116
misc
Last major update 06-12-2017 - 12:29
Published 06-12-2017 - 12:29
Last modified 22-12-2017 - 09:20
Back to Top