CVE-2018-25262

EUVD-2018-21779
Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences Ports tab to trigger an application crash.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
angryipangry_ip_scanner
𝑥
≤ 3.5.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://angryip.org/
https://www.exploit-db.com/exploits/46038
https://www.vulncheck.com/advisories/angry-ip-scanner-for-linux-denial-of-service