TROYANOSYVIRUS
Voltar para CVEs

CVE-2015-8659

N/A

Descricao

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

Detalhes CVE

Pontuacao CVSS v3.1N/A
Publicado1/12/2016
Ultima modificacao4/12/2025
Fontenvd
Avistamentos honeypot0

Produtos afetados

apple:iphone_osapple:mac_os_xapple:tvosapple:watchosnghttp2:nghttp2

Fraquezas (CWE)

CWE-119

Referencias

http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html(cve@mitre.org)
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html(cve@mitre.org)
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html(cve@mitre.org)
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html(cve@mitre.org)
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175085.html(cve@mitre.org)
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175423.html(cve@mitre.org)
http://www.openwall.com/lists/oss-security/2015/12/23/10(cve@mitre.org)
http://www.openwall.com/lists/oss-security/2015/12/23/6(cve@mitre.org)
http://www.securitytracker.com/id/1035353(cve@mitre.org)
https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/(cve@mitre.org)
https://security.gentoo.org/glsa/201612-06(cve@mitre.org)
https://support.apple.com/HT206166(cve@mitre.org)
https://support.apple.com/HT206167(cve@mitre.org)
https://support.apple.com/HT206168(cve@mitre.org)
https://support.apple.com/HT206169(cve@mitre.org)
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175085.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175423.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2015/12/23/10(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2015/12/23/6(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1035353(af854a3a-2127-422b-91ae-364da2661108)
https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201612-06(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT206166(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT206167(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT206168(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT206169(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.