07 Nov 2017
CVE-2017-2922 - CVE Vulnerability
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to achieve remote code execution. An attacker needs to send a specially crafted websocket packet over the network to trigger this vulnerability. (CVSS:0.0) (Last Update:2017-11-07)
Vulnerability Details : An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to achieve remote code execution. An attacker needs to send a specially crafted websocket packet over the network to trigger this vulnerability. Publish Date : 2017-11-07 Last Update Date : 2017-11-07 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-2922
- References For CVE-2017-2922
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-2922There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |