Netwide Assembler 2.14.02 asm/eval.c expr denial of service
| CVSS Meta Temp Score | Current Exploit Price (β) | CTI Interest Score |
|---|---|---|
| 3.5 | $0-$5k | 0.80+ |
A vulnerability was found in Netwide Assembler 2.14.02 (Programming Tool Software). It has been declared as problematic. This vulnerability affects the function expr of the file asm/eval.c. The manipulation with an unknown input leads to a denial of service vulnerability (Memory Exhaustion). The CWE definition for the vulnerability is CWE-789. As an impact it is known to affect availability.
The weakness was disclosed 01/04/2020. This vulnerability was named CVE-2019-20334 since 01/04/2020. Technical details are known, but there is no available exploit.
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Type
Name
VulDB Meta Base Score: 3.5
VulDB Meta Temp Score: 3.5
VulDB Base Score: β3.5
VulDB Temp Score: β3.5
VulDB Vector: π
VulDB Reliability: π
VulDB Base Score: π
VulDB Temp Score: π
VulDB Reliability: π
Class: Denial of service / Memory Exhaustion (CWE-789)
Local: Yes
Remote: No
Availability: π
Status: Not defined
Price Prediction: π
Current Price Estimation: π
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: π
Adversaries: π
Geopolitics: π
Economy: π
Predictions: π
Remediation: πRecommended: no mitigation known
0-Day Time: π
01/04/2020 Advisory disclosed
01/04/2020 CVE assigned
01/05/2020 VulDB entry created
01/05/2020 VulDB last update
CVE: CVE-2019-20334 (π)Created: 01/05/2020 10:05 AM
Complete: π
Upgrade your account now!
https://vuldb.com/?id.148282
Gloss