Vulnerabilities > CCN Lite
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-02-07 | CVE-2017-12467 | Missing Release of Resource after Effective Lifetime vulnerability in Ccn-Lite Memory leak in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) by leveraging failure to allocate memory for the comp or complen structure member. | 7.5 |
2018-02-07 | CVE-2017-12466 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ccn-Lite CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors related to ssl_halen when running ccn-lite-sim, which trigger an out-of-bounds access. | 9.8 |
2018-02-07 | CVE-2017-12465 | Integer Overflow or Wraparound vulnerability in Ccn-Lite Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have unspecified impact via vectors involving the (1) vallen variable in the iottlv_parse_sequence function or (2) typ, vallen and i variables in the localrpc_parse function. | 9.8 |
2018-02-07 | CVE-2017-12464 | NULL Pointer Dereference vulnerability in Ccn-Lite ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via vectors involving the keyfile variable. | 7.5 |
2018-02-07 | CVE-2017-12463 | Missing Release of Resource after Effective Lifetime vulnerability in Ccn-Lite Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet format is unknown. | 7.5 |
2018-02-07 | CVE-2017-12412 | Infinite Loop vulnerability in Ccn-Lite ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow. | 7.8 |
2018-01-31 | CVE-2018-6480 | Incorrect Type Conversion or Cast vulnerability in Ccn-Lite 2.0.0 A type confusion issue was discovered in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, helped with loop prevention). | 8.8 |