메뉴 건너뛰기

GREATUSER

cve

CVE-2017-2922

관리자 2017.11.09 04:00 조회 수 : 137

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to achieve remote code execution. An attacker needs to send a specially crafted websocket packet over the network to trigger this vulnerability.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2922
번호 제목 글쓴이 날짜 조회 수
422 CVE-2017-0132 관리자 2017.03.18 190
421 CVE-2017-15090 관리자 2018.01.25 189
420 CVE-2017-16607 관리자 2018.01.25 189
419 CVE-2017-0137 관리자 2017.03.18 189
418 CVE-2017-0010 관리자 2017.03.18 189
417 CVE-2017-16609 관리자 2018.01.25 188
416 CVE-2017-16590 관리자 2018.01.25 188
415 CVE-2017-12117 관리자 2018.01.25 188
414 CVE-2017-2889 관리자 2017.11.09 188
413 CVE-2015-4181 관리자 2017.08.27 188
412 CVE-2017-0071 관리자 2017.03.18 188
411 CVE-2017-0006 관리자 2017.03.18 188
410 CVE-2017-1000417 관리자 2018.01.25 187
409 CVE-2017-13144 (imagemagick) 관리자 2017.08.27 187
408 CVE-2017-5685 관리자 2017.04.04 187
위로