Buffer Overflow Vulnerability in Flexense SyncBreeze Enterprise
CVE-2017-17996

8.8HIGH

Key Information:

Vendor

Flexense

Status
Syncbreeze
Vendor
CVE Published:
6 February 2018

What is CVE-2017-17996?

A buffer overflow vulnerability exists in the 'Add command' functionality of Flexense SyncBreeze Enterprise versions up to 10.3.14. This flaw can be exploited by an authenticated attacker who inputs command names exceeding 5000 characters. Successful exploitation may lead to server termination and could allow execution of commands with SYSTEM privileges, posing significant security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/fulldisclosure/2018/Feb/10
mailing-listx_refsource_FULLDISC
http://www.ryantzj.com/flexense-syncbreeze-entreprise-103...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.