Vulnerability-Lookup

BDU:2017-02382

Vulnerability from fstec - Published: 22.09.2016

Title

Уязвимость компонента inftrees библиотеки zlib, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Description

Уязвимость компонента inftrees (inftrees.c) библиотеки zlib вызвана ошибкой вычисления указателя. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать неопределённое поведение программы, что может привести к нарушению конфиденциальности, целостности и доступности защищаемой информации

Severity ?

Vendor

Novell Inc., Жан-Лу Гайи, Марк Адлер, IBM Corp., Red Hat Inc., Huawei Technologies Co., Ltd., АО "НППКТ"

Software Name

openSUSE, zlib, OpenSUSE Leap, IBM Vios, IBM Java, Red Hat Enterprise Linux, IBM i, IBM Aix, Huawei Mate 9 Pro, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)

Software Version

13.2 (openSUSE), 1.2.8 (zlib), 42.2 (OpenSUSE Leap), 2.2.0.0 (IBM Vios), 2.2.1.0 (IBM Vios), 2.2.1.1 (IBM Vios), 2.2.1.3 (IBM Vios), 2.2.1 4 (IBM Vios), 2.2.1.8 (IBM Vios), 2.2.1.9 (IBM Vios), 2.2.2.0 (IBM Vios), 2.2.2.4 (IBM Vios), 2.2.2.5 (IBM Vios), 2.2.2.6 (IBM Vios), 2.2.3.0 (IBM Vios), 2.2.3.2 (IBM Vios), 2.2.3.3 (IBM Vios), 2.2.3.4 (IBM Vios), 2.2.3.50 (IBM Vios), 2.2.4.0 (IBM Vios), SDK 8 SR 4 FP 2 (IBM Java), SDK 7R1 SR 4 FP 1 (IBM Java), SDK 7 SR 10 FP 1 (IBM Java), SDK 6R1 SR 8 FP 7 (IBM Java), SDK 6R1 SR 8 FP 5 (IBM Java), SDK 6R1 SR 8 FP 30 (IBM Java), SDK 6R1 SR 8 FP 26 (IBM Java), SDK 6R1 SR 8 FP 25 (IBM Java), SDK 6R1 SR 8 FP 21 (IBM Java), SDK 6R1 SR 8 FP 15 (IBM Java), SDK 6 SR 16 FP 7 (IBM Java), SDK 6 SR 16 FP 5 (IBM Java), SDK 6 SR 16 FP 41 (IBM Java), SDK 6 SR 16 FP 30 (IBM Java), SDK 6 SR 16 FP 26 (IBM Java), SDK 6 SR 16 FP 25 (IBM Java), SDK 6 SR 16 FP 22 (IBM Java), SDK 6 SR 16 FP 15 (IBM Java), 42.1 (OpenSUSE Leap), Workstation Supplementary 7 (Red Hat Enterprise Linux), Workstation Supplementary 6 (Red Hat Enterprise Linux), Server Supplementary 7 (Red Hat Enterprise Linux), Server Supplementary 6 (Red Hat Enterprise Linux), HPC Node Supplementary 6 (Red Hat Enterprise Linux), Desktop Supplementary 6 (Red Hat Enterprise Linux), ComputeNode Supplementary 7 (Red Hat Enterprise Linux), 6.1 (IBM i), 7.1 (IBM i), 7.2 (IBM i), 7.3 (IBM i), 5.3 (IBM Aix), 6.1 (IBM Aix), 7.1 (IBM Aix), 7.2 (IBM Aix), EMUI5.0 (Huawei Mate 9 Pro), до 2.6 (ОСОН ОСнова Оnyx)

Possible Mitigations

Использование рекомендаций: https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958 Для Huawei Mate 9 Pro: Обновление программного обеспечения до версии EMUI9.1.0 и выше Для ОСОН ОСнова Оnyx: Обновление программного обеспечения rsync до версии 3.2.6-1

Reference

http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html http://www.openwall.com/lists/oss-security/2016/12/05/21 http://www.securityfocus.com/bid/95131 http://www.securitytracker.com/id/1039427 https://bugzilla.redhat.com/show_bug.cgi?id=1402348 https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958 https://security.gentoo.org/glsa/201701-56 https://wiki.mozilla.org/images/0/09/Zlib-report.pdf https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.6/

CWE

CWE-465

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
  "CVSS 3.0": null,
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., \u0416\u0430\u043d-\u041b\u0443 \u0413\u0430\u0439\u0438, \u041c\u0430\u0440\u043a \u0410\u0434\u043b\u0435\u0440, IBM Corp., Red Hat Inc., Huawei Technologies Co., Ltd., \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "13.2 (openSUSE), 1.2.8 (zlib), 42.2 (OpenSUSE Leap), 2.2.0.0 (IBM Vios), 2.2.1.0 (IBM Vios), 2.2.1.1 (IBM Vios), 2.2.1.3 (IBM Vios), 2.2.1 4 (IBM Vios), 2.2.1.8 (IBM Vios), 2.2.1.9 (IBM Vios), 2.2.2.0 (IBM Vios), 2.2.2.4 (IBM Vios), 2.2.2.5 (IBM Vios), 2.2.2.6 (IBM Vios), 2.2.3.0 (IBM Vios), 2.2.3.2 (IBM Vios), 2.2.3.3 (IBM Vios), 2.2.3.4 (IBM Vios), 2.2.3.50 (IBM Vios), 2.2.4.0 (IBM Vios), SDK 8 SR 4 FP 2 (IBM Java), SDK 7R1 SR 4 FP 1 (IBM Java), SDK 7 SR 10 FP 1 (IBM Java), SDK 6R1 SR 8 FP 7 (IBM Java), SDK 6R1 SR 8 FP 5 (IBM Java), SDK 6R1 SR 8 FP 30 (IBM Java), SDK 6R1 SR 8 FP 26 (IBM Java), SDK 6R1 SR 8 FP 25 (IBM Java), SDK 6R1 SR 8 FP 21 (IBM Java), SDK 6R1 SR 8 FP 15 (IBM Java), SDK 6 SR 16 FP 7 (IBM Java), SDK 6 SR 16 FP 5 (IBM Java), SDK 6 SR 16 FP 41 (IBM Java), SDK 6 SR 16 FP 30 (IBM Java), SDK 6 SR 16 FP 26 (IBM Java), SDK 6 SR 16 FP 25 (IBM Java), SDK 6 SR 16 FP 22 (IBM Java), SDK 6 SR 16 FP 15 (IBM Java), 42.1 (OpenSUSE Leap), Workstation Supplementary 7 (Red Hat Enterprise Linux), Workstation Supplementary 6 (Red Hat Enterprise Linux), Server Supplementary 7 (Red Hat Enterprise Linux), Server Supplementary 6 (Red Hat Enterprise Linux), HPC Node Supplementary 6 (Red Hat Enterprise Linux), Desktop Supplementary 6 (Red Hat Enterprise Linux), ComputeNode Supplementary 7 (Red Hat Enterprise Linux), 6.1 (IBM i), 7.1 (IBM i), 7.2 (IBM i), 7.3 (IBM i), 5.3 (IBM Aix), 6.1 (IBM Aix), 7.1 (IBM Aix), 7.2 (IBM Aix), EMUI5.0 (Huawei Mate 9 Pro), \u0434\u043e 2.6 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958\n\n\u0414\u043b\u044f Huawei Mate 9 Pro: \n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 EMUI9.1.0 \u0438 \u0432\u044b\u0448\u0435\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f rsync \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.2.6-1",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "22.09.2016",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "09.11.2017",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2017-02382",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2016-9840",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "openSUSE, zlib, OpenSUSE Leap, IBM Vios, IBM Java, Red Hat Enterprise Linux, IBM i, IBM Aix, Huawei Mate 9 Pro, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.6  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 inftrees \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 zlib, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f\u043c\u0438 (CWE-465)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 inftrees (inftrees.c) \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 zlib \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043d\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html\nhttp://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html\nhttp://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html\nhttp://www.openwall.com/lists/oss-security/2016/12/05/21\nhttp://www.securityfocus.com/bid/95131\nhttp://www.securitytracker.com/id/1039427\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1402348\nhttps://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958\nhttps://security.gentoo.org/glsa/201701-56\nhttps://wiki.mozilla.org/images/0/09/Zlib-report.pdf\nhttps://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.6/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-465",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)"
}

CVE-2016-9840 (GCVE-0-2016-9840)

Vulnerability from cvelistv5 – Published: 2017-05-23 03:56 – Updated: 2024-08-06 02:59

Summary

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

Severity ?

No CVSS data available.

CWE

Assigner

microfocus

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2017:1221	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1220	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:3047	vendor-advisoryx_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2016/1…	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/bid/95131	vdb-entryx_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:3046	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-updates/2017-0…	vendor-advisoryx_refsource_SUSE
	https://security.gentoo.org/glsa/201701-56	vendor-advisoryx_refsource_GENTOO
	http://www.securitytracker.com/id/1039427	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:1222	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-updates/2017-0…	vendor-advisoryx_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2017:3453	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-updates/2016-1…	vendor-advisoryx_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2017:2999	vendor-advisoryx_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2019…	mailing-listx_refsource_MLIST
	https://usn.ubuntu.com/4246-1/	vendor-advisoryx_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://usn.ubuntu.com/4292-1/	vendor-advisoryx_refsource_UBUNTU
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	https://support.apple.com/HT208144	x_refsource_CONFIRM
	https://github.com/madler/zlib/commit/6a043145ca6…	x_refsource_CONFIRM
	https://wiki.mozilla.org/MOSS/Secure_Open_Source/…	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=1402345	x_refsource_CONFIRM
	https://support.apple.com/HT208113	x_refsource_CONFIRM
	https://support.apple.com/HT208112	x_refsource_CONFIRM
	https://support.apple.com/HT208115	x_refsource_CONFIRM
	https://wiki.mozilla.org/images/0/09/Zlib-report.pdf	x_refsource_MISC
	https://security.gentoo.org/glsa/202007-54	vendor-advisoryx_refsource_GENTOO

Date Public ?

2016-09-30 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:59:03.590Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:1221",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1221"
          },
          {
            "name": "RHSA-2017:1220",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1220"
          },
          {
            "name": "RHSA-2017:3047",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:3047"
          },
          {
            "name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
          },
          {
            "name": "95131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95131"
          },
          {
            "name": "RHSA-2017:3046",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:3046"
          },
          {
            "name": "openSUSE-SU-2017:0077",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
          },
          {
            "name": "GLSA-201701-56",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201701-56"
          },
          {
            "name": "1039427",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039427"
          },
          {
            "name": "RHSA-2017:1222",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1222"
          },
          {
            "name": "openSUSE-SU-2017:0080",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
          },
          {
            "name": "RHSA-2017:3453",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:3453"
          },
          {
            "name": "openSUSE-SU-2016:3202",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
          },
          {
            "name": "RHSA-2017:2999",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2999"
          },
          {
            "name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
          },
          {
            "name": "USN-4246-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4246-1/"
          },
          {
            "name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
          },
          {
            "name": "USN-4292-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4292-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208144"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208113"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208112"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208115"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
          },
          {
            "name": "GLSA-202007-54",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-54"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:16:02.000Z",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "RHSA-2017:1221",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1221"
        },
        {
          "name": "RHSA-2017:1220",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1220"
        },
        {
          "name": "RHSA-2017:3047",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:3047"
        },
        {
          "name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
        },
        {
          "name": "95131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95131"
        },
        {
          "name": "RHSA-2017:3046",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:3046"
        },
        {
          "name": "openSUSE-SU-2017:0077",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
        },
        {
          "name": "GLSA-201701-56",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201701-56"
        },
        {
          "name": "1039427",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039427"
        },
        {
          "name": "RHSA-2017:1222",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1222"
        },
        {
          "name": "openSUSE-SU-2017:0080",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
        },
        {
          "name": "RHSA-2017:3453",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:3453"
        },
        {
          "name": "openSUSE-SU-2016:3202",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
        },
        {
          "name": "RHSA-2017:2999",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2999"
        },
        {
          "name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
        },
        {
          "name": "USN-4246-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4246-1/"
        },
        {
          "name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
        },
        {
          "name": "USN-4292-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4292-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208144"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208113"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208112"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208115"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
        },
        {
          "name": "GLSA-202007-54",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202007-54"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2016-9840",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2017:1221",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1221"
            },
            {
              "name": "RHSA-2017:1220",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1220"
            },
            {
              "name": "RHSA-2017:3047",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:3047"
            },
            {
              "name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
            },
            {
              "name": "95131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95131"
            },
            {
              "name": "RHSA-2017:3046",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:3046"
            },
            {
              "name": "openSUSE-SU-2017:0077",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
            },
            {
              "name": "GLSA-201701-56",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201701-56"
            },
            {
              "name": "1039427",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039427"
            },
            {
              "name": "RHSA-2017:1222",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1222"
            },
            {
              "name": "openSUSE-SU-2017:0080",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
            },
            {
              "name": "RHSA-2017:3453",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:3453"
            },
            {
              "name": "openSUSE-SU-2016:3202",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
            },
            {
              "name": "RHSA-2017:2999",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2999"
            },
            {
              "name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
            },
            {
              "name": "USN-4246-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4246-1/"
            },
            {
              "name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
            },
            {
              "name": "USN-4292-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4292-1/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "https://support.apple.com/HT208144",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208144"
            },
            {
              "name": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0",
              "refsource": "CONFIRM",
              "url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
            },
            {
              "name": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib",
              "refsource": "MISC",
              "url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
            },
            {
              "name": "https://support.apple.com/HT208113",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208113"
            },
            {
              "name": "https://support.apple.com/HT208112",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208112"
            },
            {
              "name": "https://support.apple.com/HT208115",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208115"
            },
            {
              "name": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
              "refsource": "MISC",
              "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
            },
            {
              "name": "GLSA-202007-54",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202007-54"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2016-9840",
    "datePublished": "2017-05-23T03:56:00.000Z",
    "dateReserved": "2016-12-05T00:00:00.000Z",
    "dateUpdated": "2024-08-06T02:59:03.590Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2017-02382

CVE-2016-9840 (GCVE-0-2016-9840)

Tags

Sightings

Nomenclature