Vulnerabilities > CVE-2017-12130 - NULL Pointer Dereference vulnerability in Tinysvcmdns Project Tinysvcmdns 20171105
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. A specially crafted packet can make the library dereference a NULL pointer leading to a server crash and denial of service. An attacker needs to send a DNS query to trigger this vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Talos
id | TALOS-2017-0486 |
last seen | 2019-05-29 |
published | 2018-01-17 |
reporter | Talos Intelligence |
source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0486 |
title | Tinysvcmdns Multi-label DNS mdns_parse_qn Denial Of Service Vulnerability |