CVE-2010-2947

Published Aug 24, 2010

Last updated 3 months ago

CVSS info 10.0

Overview

Description: Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F48ADCF-FE2D-45CC-9B19-D660011E4069",
            "versionEndIncluding": "3.5"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EA83E4A-77E1-4726-A24A-14677521C172"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07889946-3ECB-4F4C-B87D-0848F012CA1C"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.10.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B78E946-66E7-4ACD-81CB-CB4F7A300004"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A732D49D-EAEC-4578-BEA0-E4FCF1281229"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "346A956E-F5DC-49A5-891A-1C754BE2A569"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71ACD89F-4D68-4EDA-B5D0-34AAC38F9E4E"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC783A91-7C49-4924-A66C-DBDA27AD1661"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7875A9FC-019B-4881-9397-A70454FBCEF6"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A51B3269-3037-4105-A6D5-15DDECD39E60"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "185FE342-9A2B-44EC-9B0C-8840829129B7"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57640128-9BD9-4084-B2AE-6BD1C9798712"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:1.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59AA261F-3BB8-4656-9A35-7DC0B8F12B20"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "888DDF56-D6EE-4863-A353-87648261E4DC"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9EF87F8-83A2-408F-9F34-7127D25D45A7"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5F1CF2E-F393-4C70-B1B4-7CA21A245056"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EBE4306-5953-40FC-B86C-CBF84EAC872E"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "826265B6-7022-482F-A682-B175C120F892"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C62316C8-BEB8-41B8-84F8-F946E87036B3"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85217126-6C3F-4DD4-AD12-CCB78CB09A67"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5695303-7052-47FB-9A22-C2A7CBFD9AB8"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FD38155-40AA-403A-95E0-0FA1D3B49E47"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C312A5F9-7BDE-44FC-8C6C-A3EA1BED0106"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E28D452E-9C3E-465C-99E4-91B2010F72A1"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EFD706B-7391-4205-997F-05453F7413AA"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0E8F69F-D14E-4555-9E67-944819C40177"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF3C525D-DE04-4A60-8025-8DFACBE02BB0"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6494351D-159B-4568-944E-EAB38007EEB0"
          },
          {
            "criteria": "cpe:2.3:a:jan_engelhardt:libhx:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0182748A-D350-4046-81DD-7A2E51DC899A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References