Vulnerabilities > CVE-2017-9520 - Use After Free vulnerability in Radare Radare2 1.5.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
radare
CWE-416
NVD
Published: 2017-06-08
Updated: 2017-06-27

Summary

The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.

Vulnerable Configurations

Part Description Count
Application
Radare
1

Common Weakness Enumeration (CWE)

References