CVE-2016-4819

moderate-risk
Published 2016-06-19

The printfDx function in Takumi Yamada DX Library for Borland C++ 3.13f through 3.16b, DX Library for Gnu C++ 3.13f through 3.16b, and DX Library for Visual C++ 3.13f through 3.16b allows remote attackers to execute arbitrary code via a crafted string.

Do I need to act?

~
2.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (3)

Dx Library
Dx Library
Dx Library

Affected Vendors

Dx Library Project

References (6)

Vendor Advisory http://dxlib.o.oo7.jp/dxvulnerability.html
Vendor Advisory http://jvn.jp/en/jp/JVN15205734/index.html
Vendor Advisory http://jvndb.jvn.jp/jvndb/JVNDB-2016-000099
Vendor Advisory http://dxlib.o.oo7.jp/dxvulnerability.html
Vendor Advisory http://jvn.jp/en/jp/JVN15205734/index.html
Vendor Advisory http://jvndb.jvn.jp/jvndb/JVNDB-2016-000099
47
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 6/34 · Minimal
Exposure 9/34 · Low