← Zuruck zu CVEs

CVE-2015-8659

N/A

Beschreibung

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

CVE Details

CVSS v3.1 BewertungN/A

Veroffentlicht1/12/2016

Zuletzt geandert4/12/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

apple:iphone_osapple:mac_os_xapple:tvosapple:watchosnghttp2:nghttp2

Schwachen (CWE)

CWE-119

Referenzen

http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html(cve@mitre.org)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html(cve@mitre.org)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html(cve@mitre.org)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175085.html(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175423.html(cve@mitre.org)

http://www.openwall.com/lists/oss-security/2015/12/23/10(cve@mitre.org)

http://www.openwall.com/lists/oss-security/2015/12/23/6(cve@mitre.org)

http://www.securitytracker.com/id/1035353(cve@mitre.org)

https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/(cve@mitre.org)

https://security.gentoo.org/glsa/201612-06(cve@mitre.org)

https://support.apple.com/HT206166(cve@mitre.org)

https://support.apple.com/HT206167(cve@mitre.org)

https://support.apple.com/HT206168(cve@mitre.org)

https://support.apple.com/HT206169(cve@mitre.org)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175085.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175423.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.openwall.com/lists/oss-security/2015/12/23/10(af854a3a-2127-422b-91ae-364da2661108)

http://www.openwall.com/lists/oss-security/2015/12/23/6(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1035353(af854a3a-2127-422b-91ae-364da2661108)

https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/201612-06(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT206166(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT206167(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT206168(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT206169(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.