| |
Vulnerability CVE-2016-10721
Published: 2018-05-02 Modified: 2018-05-03
| Description: |
partclone.restore in Partclone 0.2.87 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to execute arbitrary code in the context of the user running the affected application. |
Type:
CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://github.com/Thomas-Tsai/partclone/issues/82
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
