Vulnerabilities > CVE-2020-17487

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

radare

fedoraproject

NVD

Published: 2020-08-11

Updated: 2023-11-07

Summary

radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY.

Vulnerable Configurations

Part	Description	Count
Application	Radare Radare Radare2 4.5.0	1
OS	Fedoraproject Fedoraproject Fedora 32 Fedoraproject Fedora 33	2

References

https://github.com/radareorg/radare2/issues/17431
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45SGGCWFIIV7N2X2QZRREHOW7ODT3IH7/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJET3RR6W7LAK4H6VPTMAZS24W7XYHRZ/

Vulnerabilities > CVE-2020-17487 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-17487"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-17487