Home > Vulnerability Database > WS-2016-7081

Mend.io Vulnerability Database

WS-2016-7081

Good to know:

Date: December 13, 2016

In Kitware/VTK, version v4.2.0 to v7.1.1, there is a potential buffer overflow vulnerability in “vtkSTLReader.cxx”, due to an unbounded “fscanf” file read, which may allow an attacker to crash the program, or even execute arbitrary code on the system.

Language: C++

Severity Score

7.3

Related Resources (2)

Url: https://github.com/Kitware/VTK/commit/88463b24c2a1c6bc1c0b49b5d18707cc9756dffc

Url: https://www.mend.io/vulnerability-database/WS-2016-7081

Severity Score

7.3

Weakness Type (CWE)

Buffer Over-read

CWE-126

Top Fix

Upgrade Version

Upgrade to version v8.0.0

Learn More

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2016-7081

Good to know:

Date: December 13, 2016

Language: C++

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?