libcomps CVE-2019-3817 Arbitrary Code Execution Vulnerability
BID:106794
Info
libcomps CVE-2019-3817 Arbitrary Code Execution Vulnerability
| Bugtraq ID: | 106794 |
| Class: | Input Validation Error |
| CVE: |
CVE-2019-3817 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 21 2019 12:00AM |
| Updated: | Jan 21 2019 12:00AM |
| Credit: | Riccardo Schirone |
| Vulnerable: |
Redhat Enterprise Linux 7 libcomps libcomps 0 |
| Not Vulnerable: | |
Discussion
libcomps CVE-2019-3817 Arbitrary Code Execution Vulnerability
libcomps is prone to an arbitrary code-execution vulnerability.
A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition.
libcomps is prone to an arbitrary code-execution vulnerability.
A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition.
Exploit / POC
libcomps CVE-2019-3817 Arbitrary Code Execution Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
libcomps CVE-2019-3817 Arbitrary Code Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
libcomps CVE-2019-3817 Arbitrary Code Execution Vulnerability
References:
References:
- libcomps Homepage (libcomps)
- rpm-software-management/libcomps (rpm-software-management/libcomps)
- Bug 1668005 (CVE-2019-3817) - CVE-2019-3817 libcomps: use after free when mergi (Redhat)
- CVE-2019-3817 (Redhat)