CVE-2010-2947
EPSS 9.2%
Description
Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields.
How to fix CVE-2010-2947
To remediate CVE-2010-2947, upgrade the affected package to one of the fixed versions listed below.
- Debian/libhx—upgrade to 3.5-2 or later
Is CVE-2010-2947 being exploited?
Moderate: EPSS is 9.2%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (1)
- Debian/libhx: from 0, < 3.5-2