ByteOS Network

NVD Vulnerability Details :

CVE-2016-10196

Deferred

Source-cve@mitre.org

Published At-15 Mar, 2017 | 15:59

Updated At-20 Apr, 2025 | 01:37

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

Debian GNU/Linux

>>debian_linux>>8.0

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

libevent_project>>libevent>>Versions up to 2.1.5(inclusive)

cpe:2.3:a:libevent_project:libevent:*:*:*:*:*:*:*:*

Mozilla Corporation

>>firefox>>Versions before 53.0(exclusive)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Mozilla Corporation

>>firefox>>52.0

cpe:2.3:a:mozilla:firefox:52.0:*:*:*:*:*:*:*

Mozilla Corporation

>>firefox_esr>>Versions before 45.9.0(exclusive)

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

Mozilla Corporation

>>thunderbird>>Versions before 52.1.0(exclusive)

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-787	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.debian.org/security/2017/dsa-3789	cve@mitre.org	Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/01/31/17	cve@mitre.org	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/02/7	cve@mitre.org	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/96014	cve@mitre.org	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038320	cve@mitre.org	Broken Link Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:1104	cve@mitre.org	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1106	cve@mitre.org	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1201	cve@mitre.org	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1343453	cve@mitre.org	Issue Tracking Third Party Advisory
https://github.com/libevent/libevent/blob/release-2.1.6-beta/ChangeLog	cve@mitre.org	Release Notes Third Party Advisory
https://github.com/libevent/libevent/commit/329acc18a0768c21ba22522f01a5c7f46cacc4d5	cve@mitre.org	Patch Third Party Advisory
https://github.com/libevent/libevent/issues/318	cve@mitre.org	Exploit Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/201705-01	cve@mitre.org	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-10/	cve@mitre.org	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-11/	cve@mitre.org	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-12/	cve@mitre.org	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-13/	cve@mitre.org	Third Party Advisory
http://www.debian.org/security/2017/dsa-3789	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/01/31/17	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/02/7	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/96014	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038320	af854a3a-2127-422b-91ae-364da2661108	Broken Link Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:1104	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1106	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1201	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1343453	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Third Party Advisory
https://github.com/libevent/libevent/blob/release-2.1.6-beta/ChangeLog	af854a3a-2127-422b-91ae-364da2661108	Release Notes Third Party Advisory
https://github.com/libevent/libevent/commit/329acc18a0768c21ba22522f01a5c7f46cacc4d5	af854a3a-2127-422b-91ae-364da2661108	Patch Third Party Advisory
https://github.com/libevent/libevent/issues/318	af854a3a-2127-422b-91ae-364da2661108	Exploit Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/201705-01	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-10/	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-11/	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-12/	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-13/	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History