Vulnerability Name: CVE-2016-4303 (CCN-113986)

Assigned: 2016-06-08
Published: 2016-06-08
Updated: 2022-06-30
Summary: The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.
CVSS v3 Severity:
9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.8 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): High
  Integrity (I): High
  Availability (A): High
7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): Low
  Integrity (I): Low
  Availability (A): Low
CVSS v2 Severity:
7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): Partial
  Integrity (I): Partial
  Availability (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): Partial
  Integrity (I): Partial
  Availability (A): Partial
Vulnerability Type: CWE-120
Vulnerability Consequences: Gain Access
References:
Source: MISC
Type: Exploit, Third Party Advisory
http://blog.talosintel.com/2016/06/esnet-vulnerability.html

Source: MITRE
Type: CNA
CVE-2016-4303

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2016:2113

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2016:2121

Source: CCN
Type: iperf Web site
iperf3 iperf3 3.1.3 documentation

Source: CONFIRM
Type: Release Notes, Third Party Advisory
http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released

Source: CCN
Type: Talos Vulnerability Report TALOS-2016-0164
ESnet iPerf3 JSON parse_string UTF Code Execution Vulnerability

Source: MISC
Type: Exploit, Third Party Advisory
http://www.talosintelligence.com/reports/TALOS-2016-0164/

Source: XF
Type: UNKNOWN
iperf-cve20164303-bo(113986)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/esnet/iperf/commit/91f2fa59e8ed80dfbf400add0164ee0e508e412a

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20200127 [SECURITY] [DLA 2080-1] iperf3 security update

Source: CONFIRM
Type: Third Party Advisory
https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-4303

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:iperf3_project:iperf3:*:*:*:*:*:*:*:* (Version >= 3.1 and < 3.1.3)
  • OR cpe:/a:iperf3_project:iperf3:*:*:*:*:*:*:*:* (Version >= 3.0 and < 3.0.12)

Configuration 2:
  • cpe:/a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20164303 | V | CVE-2016-4303 | 2022-06-30
oval:org.opensuse.security:def:112438 | P | iperf-3.1.3-1.3 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:105944 | P | iperf-3.1.3-1.3 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:25597 | P | Security update for squid (Critical) | 2020-12-01
oval:org.opensuse.security:def:25070 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:25442 | P | Security update for libcaca (Moderate) | 2020-12-01
oval:org.opensuse.security:def:24868 | P | Security update for libarchive (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25641 | P | Security update for bcm43xx-firmware (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25151 | P | Security update for file-roller (Low) | 2020-12-01
oval:org.opensuse.security:def:25495 | P | Security update for shibboleth-sp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:24879 | P | Security update for openssl-1_1 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26279 | P | Security update for gimp (Low) | 2020-12-01
oval:org.opensuse.security:def:25208 | P | Security update for python3-requests (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25583 | P | Security update for python36 (Important) | 2020-12-01
oval:org.opensuse.security:def:24943 | P | Security update for python (Important) | 2020-12-01
oval:org.opensuse.security:def:26314 | P | Security update for iperf (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25292 | P | Security update for libX11 (Important) | 2020-12-01
oval:com.ubuntu.cosmic:def:201643030000000 | V | CVE-2016-4303 on Ubuntu 18.10 (cosmic) - medium. | 2016-09-26
oval:com.ubuntu.artful:def:20164303000 | V | CVE-2016-4303 on Ubuntu 17.10 (artful) - medium. | 2016-09-26
oval:com.ubuntu.trusty:def:20164303000 | V | CVE-2016-4303 on Ubuntu 14.04 LTS (trusty) - medium. | 2016-09-26
oval:com.ubuntu.bionic:def:201643030000000 | V | CVE-2016-4303 on Ubuntu 18.04 LTS (bionic) - medium. | 2016-09-26
oval:com.ubuntu.bionic:def:20164303000 | V | CVE-2016-4303 on Ubuntu 18.04 LTS (bionic) - medium. | 2016-09-26
oval:com.ubuntu.xenial:def:20164303000 | V | CVE-2016-4303 on Ubuntu 16.04 LTS (xenial) - medium. | 2016-09-26
oval:com.ubuntu.xenial:def:201643030000000 | V | CVE-2016-4303 on Ubuntu 16.04 LTS (xenial) - medium. | 2016-09-26
oval:com.ubuntu.cosmic:def:20164303000 | V | CVE-2016-4303 on Ubuntu 18.10 (cosmic) - medium. | 2016-09-26
oval:com.ubuntu.disco:def:201643030000000 | V | CVE-2016-4303 on Ubuntu 19.04 (disco) - medium. | 2016-09-26
oval:com.ubuntu.precise:def:20164303000 | V | CVE-2016-4303 on Ubuntu 12.04 LTS (precise) - medium. | 2016-09-26
    iperf3_project iperf3 *
    iperf3_project iperf3 *
    novell suse package hub for suse linux enterprise 12
    opensuse leap 42.1
    opensuse opensuse 13.2
    debian debian linux 8.0