FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-15 08:21:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8745c67e-7dd1-4165-96e2-fcf9da2dc5b5gsoap -- remote code execution via via overflow

Senrio reports:

Genivia gSOAP is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized buffer.

A remote attacker may exploit this issue to execute arbitrary code in the context of the affected device. Failed attempts will likely cause a denial-of-service condition.


Discovery 2017-07-18
Entry 2017-07-25
gsoap
< 2.8.47

http://www.securityfocus.com/bid/99868/discuss
http://blog.senr.io/blog/devils-ivy-flaw-in-widely-used-third-party-code-impacts-millions
http://blog.senr.io/devilsivy.html
https://www.genivia.com/advisory.html#Security_advisory:_CVE-2017-9765_bug_in_certain_versions_of_gSOAP_2.7_up_to_2.8.47_%28June_21,_2017%29
https://www.genivia.com/changelog.html#Version_2.8.48_upd_%2806/21/2017%29
CVE-2017-9765