NVD

Id
84370  
Name
CVE-2017-2775  
Description
An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting in internal heap corruption. An attacker controlled VI file can be used to trigger this vulnerability, exploitation could lead to remote code execution.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-05-27  
Published
2017-03-31  
Modified Date
2017-05-23  
Seq
2017-2775  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
413296 84370 CVE-2015-2330 [oss-security] 20150317 CVE Request: WebKitGTK+ late TLS certificate verification  View
413297 84370 CVE-2015-2330 [oss-security] 20150318 Re: CVE Request: WebKitGTK+ late TLS certificate verification  View
413298 84370 CVE-2015-2330 https://bugs.webkit.org/show_bug.cgi?id=142244  View
413299 84370 CVE-2015-2330 https://trac.webkit.org/changeset/181074  View
413300 84370 CVE-2015-2330 https://webkitgtk.org/security/WSA-2015-0002.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66473 JVNDB-2017-002811 LabVIEW におけるバッファエラーの脆弱性 LabVIEW には、バッファエラーの脆弱性が存在します。 CVE-2017-2775 0 CVE-2017-2775 84370 6.8 7.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002811.html 2017-03-22 2017-05-01 View