CVE-2017-12858

Critical

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via…

mitre·CWE-415·Published 2017-08-23

CVSS

9.8

EPSS

0.04

KEV

Exploits

cve.orgen

149 chars

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

NVDen

149 chars

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

Una vulnerabilidad de doble liberación en la función _zip_dirent_read en zip_dirent.c en libzip permite que atacantes provoquen un impacto sin especificar mediante el uso de vectores desconocidos.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H