CVE-2016-4536
MEDIUM5.3EPSS 0.30%發布日:2016/5/13修改日:2026/4/28
也稱為:DEBIAN-CVE-2016-4536
描述
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.
受影響套件(1)
- Debian/openafsfrom 0, < 1.6.17-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |