How severe is CVE-2018-5709?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2018-5709?

This is classified as CWE-190, which is a common weakness in software security.

CVE-2018-5709 - HIGH Severity | CVSS 7.5

Vulnerability Description

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

Related Vulnerabilities

CVE-2011-1298

HIGH

CVSS:7.5(High)

An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.

CWE-1902011

CVE-2012-1610

HIGH

CVSS:7.5(High)

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component coun...

CWE-1902012

CVE-2013-2806

HIGH

CVSS:7.5(High)

Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic...

CWE-1902013

CVE-2013-2807

HIGH

CVSS:7.5(High)

CWE-1902013

CVE-2015-1529

HIGH

CVSS:7.5(High)

Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors.

CWE-1902015

CVE-2015-7848

HIGH

CVSS:7.5(High)

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct ...

CWE-1902015