OCaml Compiler Vulnerability Allows Attackers to Exploit Potential Weaknesses
CVE-2017-9779

7.8HIGH

Key Information:

Vendor: Ocaml
Status: Ocaml
Vendor: CVE Published:; 7 September 2017

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2017-9779?

The OCaml compiler has a vulnerability that may allow attackers to leverage unspecified vectors, potentially impacting the security of applications utilizing this compiler. Although similar to another vulnerability identified in CVE-2017-9772, this issue poses a less significant risk. Developers using OCaml should remain vigilant and apply necessary mitigations to safeguard their systems.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2017-9779
Created by homjxi0e

References

https://caml.inria.fr/mantis/view.php?id=7557

x_refsource_CONFIRM

https://sympa.inria.fr/sympa/arc/caml-list/2017-06/msg000...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 7, 2017
🟡
Public PoC available
Aug 18, 2017
👾
Exploit known to exist
Aug 18, 2017
Vulnerability Reserved
Jun 21, 2017

CVE-2017-9779 Data

JSON

Ocaml

Badges

What is CVE-2017-9779?

Exploit Proof of Concept (PoC)

References

CVSS V3.1

Timeline