Vulnerabilities > CVE-2018-20348 - Infinite Loop vulnerability in Libpff Project Libpff 20161119/20180428
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tree_get_node_value in libfdata_tree.c.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |