CVE-2016-6354

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.

References

http://www.debian.org/security/2016/dsa-3653

http://www.openwall.com/lists/oss-security/2016/07/18/8

http://www.openwall.com/lists/oss-security/2016/07/26/12

https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466

https://security.gentoo.org/glsa/201701-31

Details

Source: MITRE

Published: 2016-09-21

Updated: 2017-01-18

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:flex_project:flex:*:*:*:*:*:*:*:* versions up to 2.6.0 (inclusive)

Tenable Plugins

View all (26 total)

IDNameProductFamilySeverity
137974EulerOS Virtualization 3.0.6.0 : flex (EulerOS-SA-2020-1755)NessusHuawei Local Security Checks
critical
131602EulerOS 2.0 SP2 : flex (EulerOS-SA-2019-2448)NessusHuawei Local Security Checks
critical
129243EulerOS 2.0 SP3 : flex (EulerOS-SA-2019-2050)NessusHuawei Local Security Checks
critical
129120EulerOS 2.0 SP5 : flex (EulerOS-SA-2019-1963)NessusHuawei Local Security Checks
critical
106884GLSA-201802-03 : Mozilla Firefox: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
100539SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:1442-1)NessusSuSE Local Security Checks
critical
99632Mozilla Firefox < 53 Multiple VulnerabilitiesNessusWindows
critical
99631Mozilla Firefox ESR 52.x < 52.1 Multiple VulnerabilitiesNessusWindows
critical
99630Mozilla Firefox ESR 45.x < 45.9 Multiple VulnerabilitiesNessusWindows
critical
99629Mozilla Firefox < 53 Multiple Vulnerabilities (macOS)NessusMacOS X Local Security Checks
critical
99628Mozilla Firefox ESR < 52.1 Multiple Vulnerabilities (macOS)NessusMacOS X Local Security Checks
critical
99627Mozilla Firefox ESR 45.x < 45.9 Multiple Vulnerabilities (macOS)NessusMacOS X Local Security Checks
critical
96942openSUSE Security Update : seamonkey (openSUSE-2017-189)NessusSuSE Local Security Checks
critical
96425GLSA-201701-31 : flex: Potential insecure code generationNessusGentoo Local Security Checks
critical
95679Fedora 23 : flex (2016-8d79ade826)NessusFedora Local Security Checks
critical
93855openSUSE Security Update : flex / at / libbonobo / etc (openSUSE-2016-1155)NessusSuSE Local Security Checks
critical
93768SUSE SLED12 / SLES12 Security Update : flex, at, bogofilter, cyrus-imapd, kdelibs4, libQtWebKit4, libbonobo, mdbtools, netpbm, openslp, sgmltool, virtuoso, libqt5-qtwebkit (SUSE-SU-2016:2397-1)NessusSuSE Local Security Checks
critical
93706openSUSE Security Update : Thunderbird (openSUSE-2016-1120)NessusSuSE Local Security Checks
critical
93363openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1057)NessusSuSE Local Security Checks
critical
93313SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)NessusSuSE Local Security Checks
critical
93302SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2016:2131-1)NessusSuSE Local Security Checks
critical
93288SUSE SLES11 Security Update : MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr / mozilla-nss (SUSE-SU-2016:2061-1)NessusSuSE Local Security Checks
critical
93215openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-1028)NessusSuSE Local Security Checks
critical
93146openSUSE Security Update : Firefox (openSUSE-2016-1019)NessusSuSE Local Security Checks
critical
93116Debian DSA-3653-1 : flex - security updateNessusDebian Local Security Checks
critical
92808Fedora 24 : flex (2016-c9ad9582f7)NessusFedora Local Security Checks
critical