CVE-2017-7957 - OpenCVE

XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML("<void/>") call.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Xstream Project	Xstream
Debian	Debian Linux

Configuration 1 [-]

cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

References

Link	Resource
http://www.debian.org/security/2017/dsa-3841	Third Party Advisory
http://www.securityfocus.com/bid/100687	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039499	Third Party Advisory VDB Entry
http://x-stream.github.io/CVE-2017-7957.html	Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:1832	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2888	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2889	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/125800	Third Party Advisory VDB Entry
https://www-prd-trops.events.ibm.com/node/715749	Permissions Required

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-04-29T19:00:00

Updated: 2018-07-05T17:57:01

Reserved: 2017-04-19T00:00:00

Link: CVE-2017-7957

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-04-29T19:59:00.167

Modified: 2019-03-26T17:15:49.980

Link: CVE-2017-7957

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-04-29T00:00:00", "descriptions": [{"lang": "en", "value": "XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML(\"<void/>\") call."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-07-05T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2017:2888", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"name": "RHSA-2017:1832", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1832"}, {"name": "RHSA-2017:2889", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"name": "1039499", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039499"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www-prd-trops.events.ibm.com/node/715749"}, {"name": "xstream-cve20177957-dos(125800)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125800"}, {"name": "DSA-3841", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3841"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://x-stream.github.io/CVE-2017-7957.html"}, {"name": "100687", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/100687"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7957", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML(\"<void/>\") call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2017:2888", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"name": "RHSA-2017:1832", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1832"}, {"name": "RHSA-2017:2889", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"name": "1039499", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039499"}, {"name": "https://www-prd-trops.events.ibm.com/node/715749", "refsource": "CONFIRM", "url": "https://www-prd-trops.events.ibm.com/node/715749"}, {"name": "xstream-cve20177957-dos(125800)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125800"}, {"name": "DSA-3841", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3841"}, {"name": "http://x-stream.github.io/CVE-2017-7957.html", "refsource": "CONFIRM", "url": "http://x-stream.github.io/CVE-2017-7957.html"}, {"name": "100687", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100687"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7957", "datePublished": "2017-04-29T19:00:00", "dateReserved": "2017-04-19T00:00:00", "dateUpdated": "2018-07-05T17:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:*", "matchCriteriaId": "09F03F13-9D82-4AC4-805E-330346A0A37A", "versionEndIncluding": "1.4.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML(\"<void/>\") call."}, {"lang": "es", "value": "XStream a trav\u00e9s de 1.4.9, cuando no se utiliza una soluci\u00f3n de denyTypes, mishandles intenta crear una instancia del tipo primitivo 'void' durante unmarshalling, dando lugar a un fallo de aplicaci\u00f3n remota, como lo demuestra una llamda a xstream.fromXML (\" > \")."}], "id": "CVE-2017-7957", "lastModified": "2019-03-26T17:15:49.980", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-29T19:59:00.167", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2017/dsa-3841"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/100687"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039499"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://x-stream.github.io/CVE-2017-7957.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1832"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125800"}, {"source": "cve@mitre.org", "tags": ["Permissions Required"], "url": "https://www-prd-trops.events.ibm.com/node/715749"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}