CVE-2017-12613 Information

Description

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior out of bounds memory may be accessed in converting this value to an apr_time_exp_t value potentially revealing the contents of a different static heap value or resulting in program termination and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Reference

http://www.apache.org/dist/apr/Announcement1.x.html http://www.securityfocus.com/bid/101560 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2017:3270 https://access.redhat.com/errata/RHSA-2017:3475 https://access.redhat.com/errata/RHSA-2017:3476 https://access.redhat.com/errata/RHSA-2017:3477 https://access.redhat.com/errata/RHSA-2018:0316 https://access.redhat.com/errata/RHSA-2018:0465 https://access.redhat.com/errata/RHSA-2018:0466 https://access.redhat.com/errata/RHSA-2018:1253 https://lists.apache.org/thread.html/12489f2e4a9f9d390235c16298aca0d20658789de80d553513977f13403Cannounce.apache.org3E https://lists.debian.org/debian-lts-announce/2017/11/msg00005.html https://svn.apache.org/viewvc?view=revision&revision=1807976

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.1