CVE-2020-23900

{"id": "CVE-2020-23900", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2021-11-10T22:15:11.187", "references": [{"url": "https://github.com/Aurorainfinity/vulnerabilities/blob/master/WildBit_Viewer/tga_file_format.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.wildbit-soft.fi/software.html", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethodImplementationIntercept+0x57a3b."}, {"lang": "es", "value": "Un desbordamiento del b\u00fafer en WildBit Viewer versi\u00f3n v6.6, permite a atacantes causar una denegaci\u00f3n de servicio (DoS) por medio de un archivo tga dise\u00f1ado. Relacionado con Datos de los controles de Direcci\u00f3n que Fallan el Flujo de C\u00f3digo que comienza en Editor!TMethodImplementationIntercept+0x57a3b"}], "lastModified": "2021-11-13T04:55:47.317", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wildbit-soft:wildbit_viewer:6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22D30D35-E2AE-44DA-B26C-C59787174391"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}