CVE-2019-3856 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Arbitrary code execution |
Description | An issue has been found in libssh2 before 1.8.1 where a server could send a value approaching unsigned int max number of keyboard prompt requests which could result in an unchecked integer overflow. The value would then be used to allocate memory causing a possible memory write out of bounds error. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-926 | libssh2 | 1.8.0-3 | 1.8.1-1 | Critical | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
22 Mar 2019 | ASA-201903-12 | AVG-926 | libssh2 | Critical | multiple issues |
References |
---|
https://www.libssh2.org/CVE-2019-3856.html https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch |