CVE-2016-4973

high

Description

Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.

References

Advisories

https://bugzilla.redhat.com/show_bug.cgi?id=1324759

http://www.securityfocus.com/bid/92530

http://www.openwall.com/lists/oss-security/2016/08/17/6

Details

Source: Mitre, NVD

Published: 2017-06-07

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00063

Detections

Analytics