A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable.
References
Link | Resource |
---|---|
https://kcm.trellix.com/corporate/index?page=content&id=SB10396 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 04:02
Type | Values Removed | Values Added |
---|---|---|
Summary | A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable. |
10 Apr 2023, 13:58
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
First Time |
Linux
Microsoft windows Microsoft Trellix Trellix agent Linux linux Kernel |
|
References | (MISC) https://kcm.trellix.com/corporate/index?page=content&id=SB10396 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:trellix:agent:*:*:*:*:*:*:*:* |
03 Apr 2023, 17:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-03 16:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-0977
Mitre link : CVE-2023-0977
CVE.ORG link : CVE-2023-0977
JSON object : View
Products Affected
microsoft
- windows
trellix
- agent
linux
- linux_kernel