How severe is CVE-2017-12318?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2017-12318?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2017-12318

HIGH Year: 2017

CVSS v3 Score

7.5

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due to a processing error with TCP connections to the affected device. An attacker could exploit this vulnerability by establishing a large number of TCP connections to an affected device and not actively closing those TCP connections. A successful exploit could allow the attacker to prevent the affected device from delivering SDV or VoD streams to set-top boxes. Cisco Bug IDs: CSCvf19887.

CVE-2004-2779

HIGH

CVSS:7.5(High)

id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition ...

CWE-3992004

CVE-2006-7229

HIGH

CVSS:7.5(High)

The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flo...

CWE-3992006

CVE-2007-0342

HIGH

CVSS:7.5(High)

WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demo...

CWE-3992007

CVE-2009-2541

HIGH

CVSS:7.5(High)

The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select...

CWE-3992009

CVE-2011-3280

HIGH

CVSS:7.5(High)

Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reloa...

CWE-3992011

CVE-2011-4650

HIGH

CVSS:7.5(High)

Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the...

CWE-3992011

CVE-2017-12318

Vulnerability Description

Related Vulnerabilities

CVE-2004-2779

CVE-2006-7229

CVE-2007-0342

CVE-2009-2541

CVE-2011-3280

CVE-2011-4650