PT-2018-5092 · Vmware · Carbon Black

Kyriakos Economou

Published

2016-11-23

Updated

2018-03-07

CVE-2016-9570

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Carbon Black version 5.1.1.60603

Description The issue allows attackers to cause a denial of service by exploiting access to the NetMon named pipe, leading to an out-of-bounds read, invalid pointer dereference, and application crash.

Recommendations For version 5.1.1.60603, consider restricting access to the NetMon named pipe to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-254CWE-125CWE-476

Related Identifiers

BDU:2018-00699

CVE-2016-9570

Affected Products

Carbon Black

PT-2018-5092 · Vmware · Carbon Black

CVE-2016-9570

Weakness Enumeration

Related Identifiers

Affected Products

References · 4