Remote Denial of Service Vulnerability in GNU PSPP
CVE-2017-12960

7.5HIGH

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
18 August 2017

Summary

In GNU PSPP versions prior to 1.0.1, an assertion failure in the dict_rename_var() function located in data/dictionary.c can be exploited remotely. This vulnerability can lead to a denial of service, disrupting the operation of applications utilizing the library. Attackers can trigger this issue, causing a significant impact on service availability.

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.