CVE-2016-9842
CVE-2016-9842
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.8EPSS 5.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
23 may 2017Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.htmlhttp://lists.opensuse.org/opensuse-updates/2017-01/msg00050.htmlhttp://lists.opensuse.org/opensuse-updates/2017-01/msg00053.htmlhttps://access.redhat.com/errata/RHSA-2017:1220https://access.redhat.com/errata/RHSA-2017:1221https://access.redhat.com/errata/RHSA-2017:1222https://access.redhat.com/errata/RHSA-2017:2999https://access.redhat.com/errata/RHSA-2017:3046https://access.redhat.com/errata/RHSA-2017:3047https://access.redhat.com/errata/RHSA-2017:3453https://bugzilla.redhat.com/show_bug.cgi?id=1402348https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958