CVE-2017-6452

EUVD-2017-15509
Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Affected Products (NVD)
VendorProductVersion
ntpntp
4.2.8:p9
ntpntp
4.3.0
ntpntp
4.3.1
ntpntp
4.3.2
ntpntp
4.3.3
ntpntp
4.3.4
ntpntp
4.3.5
ntpntp
4.3.6
ntpntp
4.3.7
ntpntp
4.3.8
ntpntp
4.3.9
ntpntp
4.3.10
ntpntp
4.3.11
ntpntp
4.3.12
ntpntp
4.3.13
ntpntp
4.3.14
ntpntp
4.3.15
ntpntp
4.3.16
ntpntp
4.3.17
ntpntp
4.3.18
ntpntp
4.3.19
ntpntp
4.3.20
ntpntp
4.3.21
ntpntp
4.3.22
ntpntp
4.3.23
ntpntp
4.3.24
ntpntp
4.3.25
ntpntp
4.3.26
ntpntp
4.3.27
ntpntp
4.3.28
ntpntp
4.3.29
ntpntp
4.3.30
ntpntp
4.3.31
ntpntp
4.3.32
ntpntp
4.3.33
ntpntp
4.3.34
ntpntp
4.3.35
ntpntp
4.3.36
ntpntp
4.3.37
ntpntp
4.3.38
ntpntp
4.3.39
ntpntp
4.3.40
ntpntp
4.3.41
ntpntp
4.3.42
ntpntp
4.3.43
ntpntp
4.3.44
ntpntp
4.3.45
ntpntp
4.3.46
ntpntp
4.3.47
ntpntp
4.3.48
ntpntp
4.3.49
ntpntp
4.3.50
ntpntp
4.3.51
ntpntp
4.3.52
ntpntp
4.3.53
ntpntp
4.3.54
ntpntp
4.3.55
ntpntp
4.3.56
ntpntp
4.3.57
ntpntp
4.3.58
ntpntp
4.3.59
ntpntp
4.3.60
ntpntp
4.3.61
ntpntp
4.3.62
ntpntp
4.3.63
ntpntp
4.3.64
ntpntp
4.3.65
ntpntp
4.3.66
ntpntp
4.3.67
ntpntp
4.3.68
ntpntp
4.3.69
ntpntp
4.3.70
ntpntp
4.3.71
ntpntp
4.3.72
ntpntp
4.3.73
ntpntp
4.3.74
ntpntp
4.3.75
ntpntp
4.3.76
ntpntp
4.3.77
ntpntp
4.3.78
ntpntp
4.3.79
ntpntp
4.3.80
ntpntp
4.3.81
ntpntp
4.3.82
ntpntp
4.3.83
ntpntp
4.3.84
ntpntp
4.3.85
ntpntp
4.3.86
ntpntp
4.3.87
ntpntp
4.3.88
ntpntp
4.3.89
ntpntp
4.3.90
ntpntp
4.3.91
ntpntp
4.3.92
ntpntp
4.3.93
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ntp
bullseye
1:4.2.8p15+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ntp
precise
not-affected
trusty
not-affected
xenial
not-affected
yakkety
not-affected
Common Weakness Enumeration
References
http://support.ntp.org/bin/view/Main/NtpBug3383
http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu
http://www.securityfocus.com/bid/97078
http://www.securitytracker.com/id/1038123
http://www.securitytracker.com/id/1039427
https://support.apple.com/HT208144
http://support.ntp.org/bin/view/Main/NtpBug3383
http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu
http://www.securityfocus.com/bid/97078
http://www.securitytracker.com/id/1038123
http://www.securitytracker.com/id/1039427
https://support.apple.com/HT208144