How severe is CVE-2017-17250?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2017-17250?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2017-17250 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash.

Related Vulnerabilities

CVE-2014-1523

MEDIUM

CVSS:6.5(Medium)

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a ...

CWE-7872014

CVE-2014-8128

MEDIUM

CVSS:6.5(Medium)

LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.

CWE-7872014

CVE-2015-8613

MEDIUM

CVSS:6.5(Medium)

Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance...

CWE-7872015

CVE-2015-8781

MEDIUM

CVSS:6.5(Medium)

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-...

CWE-7872015

CVE-2015-8782

MEDIUM

CVSS:6.5(Medium)

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.

CWE-7872015

CVE-2015-8784

MEDIUM

CVSS:6.5(Medium)

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.

CWE-7872015