VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-3fxs-63ze-aaam

Essentials
Severities (100)
References (40)
Severity details (46)
Exploits (1)
EPSS
History (0)

Vulnerability ID	VCID-3fxs-63ze-aaam
Aliases	CVE-2017-5030
Summary	Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-125

Out-of-bounds Read

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5030.html
cvssv3.1	8.8	http://rhn.redhat.com/errata/RHSA-2017-0499.html
ssvc	Attend	http://rhn.redhat.com/errata/RHSA-2017-0499.html
rhas	Important	https://access.redhat.com/errata/RHSA-2017:0499
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json
epss	0.64260	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.64260	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.64260	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.64260	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.65202	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.67563	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.67597	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.67597	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.67597	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.67597	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.67597	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68716	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.68801	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.69581	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.74963	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.74963	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.74963	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.75547	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.75547	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.75547	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.75547	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.75547	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.75547	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.75547	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=1431030
cvssv3.1	8.8	https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
cvssv3.1	8.8	https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
generic_textual	Medium	https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
ssvc	Attend	https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
ssvc	Attend	https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
cvssv3.1	8.8	https://crbug.com/682194
cvssv3.1	8.8	https://crbug.com/682194
ssvc	Attend	https://crbug.com/682194
ssvc	Attend	https://crbug.com/682194
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2017-5030
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2017-5030
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2017-5030
archlinux	Critical	https://security.archlinux.org/AVG-197
cvssv3.1	8.8	https://security.gentoo.org/glsa/201704-02
cvssv3.1	8.8	https://security.gentoo.org/glsa/201704-02
ssvc	Attend	https://security.gentoo.org/glsa/201704-02
ssvc	Attend	https://security.gentoo.org/glsa/201704-02
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3236-1
cvssv3.1	8.8	https://www.zerodayinitiative.com/advisories/ZDI-20-126/
ssvc	Attend	https://www.zerodayinitiative.com/advisories/ZDI-20-126/
cvssv3.1	8.8	http://www.debian.org/security/2017/dsa-3810
ssvc	Attend	http://www.debian.org/security/2017/dsa-3810
cvssv3.1	8.8	http://www.securityfocus.com/bid/96767
ssvc	Attend	http://www.securityfocus.com/bid/96767

Reference id	Reference type	URL
		http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5030.html
		http://rhn.redhat.com/errata/RHSA-2017-0499.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json
		https://api.first.org/data/v1/epss?cve=CVE-2017-5030
		https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
		https://crbug.com/682194
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046
		https://security.gentoo.org/glsa/201704-02
		https://ubuntu.com/security/notices/USN-3236-1
		https://www.zerodayinitiative.com/advisories/ZDI-20-126/
		http://www.debian.org/security/2017/dsa-3810
		http://www.securityfocus.com/bid/96767
1431030		https://bugzilla.redhat.com/show_bug.cgi?id=1431030
ASA-201703-4		https://security.archlinux.org/ASA-201703-4
AVG-197		https://security.archlinux.org/AVG-197
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
CVE-2017-5030		https://nvd.nist.gov/vuln/detail/CVE-2017-5030
RHSA-2017:0499		https://access.redhat.com/errata/RHSA-2017:0499
USN-3236-1		https://usn.ubuntu.com/3236-1/

Data source	KEV
Date added	June 8, 2022
Description	Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action	Apply updates per vendor instructions.
Due date	June 22, 2022
Note	https://nvd.nist.gov/vuln/detail/CVE-2017-5030
Ransomware campaign use	Unknown

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://rhn.redhat.com/errata/RHSA-2017-0499.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://rhn.redhat.com/errata/RHSA-2017-0499.html

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/682194

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/682194

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://crbug.com/682194

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5030

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5030

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5030

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201704-02

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201704-02

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://security.gentoo.org/glsa/201704-02

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.zerodayinitiative.com/advisories/ZDI-20-126/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://www.zerodayinitiative.com/advisories/ZDI-20-126/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.debian.org/security/2017/dsa-3810

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://www.debian.org/security/2017/dsa-3810

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/96767

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://www.securityfocus.com/bid/96767

Exploit Prediction Scoring System (EPSS)

Percentile	0.98033
EPSS Score	0.64260
Published At	Dec. 17, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.