Executive Summary

Informations
NameCVE-2016-7969First vendor Publication2017-03-03
VendorCveLast vendor Modification2018-10-30

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7969

CWE : Common Weakness Enumeration

%idName
100 %CWE-125Out-of-bounds Read

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Os3
Os1
Os1

Nessus® Vulnerability Scanner

DateDescription
2017-02-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201702-25.nasl - Type : ACT_GATHER_INFO
2016-12-14Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-3107-1.nasl - Type : ACT_GATHER_INFO
2016-12-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1442.nasl - Type : ACT_GATHER_INFO
2016-11-15Name : The remote Fedora host is missing a security update.
File : fedora_2016-d2a05a0644.nasl - Type : ACT_GATHER_INFO
2016-11-03Name : The remote Fedora host is missing a security update.
File : fedora_2016-95407a836f.nasl - Type : ACT_GATHER_INFO
2016-10-25Name : The remote Fedora host is missing a security update.
File : fedora_2016-282507c3e9.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Debian host is missing a security update.
File : debian_DLA-668.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/93358
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1381960
https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7...
https://github.com/libass/libass/releases/tag/0.13.4
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
GENTOO https://security.gentoo.org/glsa/201702-25
MLIST http://www.openwall.com/lists/oss-security/2016/10/05/2
SUSE http://lists.opensuse.org/opensuse-updates/2016-12/msg00068.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2018-10-31 00:21:12
  • Multiple Updates
2018-01-26 12:07:41
  • Multiple Updates
2017-03-05 05:23:43
  • Multiple Updates
2017-03-03 21:23:51
  • First insertion