CVE-2020-8896

MEDIUM Year: 2020
CVSS v3 Score
5.9
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-119
View all →

Vulnerability Description

A Buffer Overflow vulnerability in the khcrypt implementation in Google Earth Pro versions up to and including 7.3.2 allows an attacker to perform a Man-in-the-Middle attack using a specially crafted key to read data past the end of the buffer used to hold it. Mitigation: Update to Google Earth Pro 7.3.3.

Related Vulnerabilities

CVE-2013-5571

MEDIUM
CVSS:5.9(Medium)

HMailServer 5.3.x and prior: Memory Corruption which could cause DOS

CWE-1192013

CVE-2015-5314

MEDIUM
CVSS:5.9(Medium)

The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal...

CWE-1192015

CVE-2015-5315

MEDIUM
CVSS:5.9(Medium)

The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a net...

CWE-1192015

CVE-2015-8878

MEDIUM
CVSS:5.9(Medium)

main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory co...

CWE-1192015

CVE-2016-0771

MEDIUM
CVSS:5.9(Medium)

The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial ...

CWE-1192016

CVE-2016-2519

MEDIUM
CVSS:5.9(Medium)

ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a ...

CWE-1192016