CVE-2016-6354 - OpenCVE

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Westes	Flex
Debian	Debian Linux

Configuration 1 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:westes:flex:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.debian.org/security/2016/dsa-3653	Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/07/18/8	Release Notes Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/07/26/12	Release Notes Third Party Advisory
https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466	Patch
https://security.gentoo.org/glsa/201701-31

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-09-21T14:00:00

Updated: 2017-01-12T22:57:01

Reserved: 2016-07-26T00:00:00

Link: CVE-2016-6354

JSON object: View

NVD Information

Status : Modified

Published: 2016-09-21T14:25:20.800

Modified: 2023-10-06T17:12:21.840

Link: CVE-2016-6354

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-07-18T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-12T22:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20160718 CVE request: flex: Buffer overflow in generated code (yy_get_next_buffer)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/07/18/8"}, {"name": "[oss-security] 20160726 Re: CVE request: flex: Buffer overflow in generated code (yy_get_next_buffer)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/07/26/12"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466"}, {"name": "DSA-3653", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3653"}, {"name": "GLSA-201701-31", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-31"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-6354", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20160718 CVE request: flex: Buffer overflow in generated code (yy_get_next_buffer)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/07/18/8"}, {"name": "[oss-security] 20160726 Re: CVE request: flex: Buffer overflow in generated code (yy_get_next_buffer)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/07/26/12"}, {"name": "https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466", "refsource": "CONFIRM", "url": "https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466"}, {"name": "DSA-3653", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3653"}, {"name": "GLSA-201701-31", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-31"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-6354", "datePublished": "2016-09-21T14:00:00", "dateReserved": "2016-07-26T00:00:00", "dateUpdated": "2017-01-12T22:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:westes:flex:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCADB986-7D3F-4E57-B982-08800DD34F0F", "versionEndIncluding": "2.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en la funci\u00f3n yy_get_next_buffer en Flex en versiones anteriores a 2.6.1 podr\u00eda permitir a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores que involucran num_to_read."}], "id": "CVE-2016-6354", "lastModified": "2023-10-06T17:12:21.840", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-09-21T14:25:20.800", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3653"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/07/18/8"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/07/26/12"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201701-31"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}