Vulnerability Name:

CVE-2019-19918 (CCN-173389)

Assigned:2019-12-20
Published:2019-12-20
Updated:2022-12-14
Summary:
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2019-19918

Source: cve@mitre.org
Type: Broken Link, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Broken Link, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Broken Link, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Broken Link, Third Party Advisory
cve@mitre.org

Source: CCN
Type: Lout Web site
mainLout - Summary

Source: XF
Type: UNKNOWN
lout-cve201919918-dos(173389)

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: CCN
Type: GNU Mailing List, Fri, 20 Dec 2019 19:00:59 +0100
Heap-based buffer overflow in the srcnext() function

Source: cve@mitre.org
Type: Exploit, Mailing List, Third Party Advisory
cve@mitre.org

Oval Definitions
Definition IDClassTitleLast Modified
oval:org.opensuse.security:def:201919918
V
CVE-2019-19918
2022-06-30
oval:org.opensuse.security:def:112963
P
lout-3.42-1.3 on GA media (Moderate)
2022-01-17
oval:org.opensuse.security:def:64782
P
Security update for util-linux (Moderate)
2021-10-20
oval:org.opensuse.security:def:106412
P
lout-3.42-1.3 on GA media (Moderate)
2021-10-01
oval:org.opensuse.security:def:64581
P
Security update for postgresql13 (Moderate)
2021-09-29
oval:org.opensuse.security:def:63192
P
apache2-2.4.33-3.15.1 on GA media (Moderate)
2021-09-21
oval:org.opensuse.security:def:63337
P
libct4-1.1.36-3.3.1 on GA media (Moderate)
2021-08-10
oval:org.opensuse.security:def:63127
P
kernel-devel-azure-4.12.14-5.47.1 on GA media (Moderate)
2021-08-10
oval:org.opensuse.security:def:63131
P
rmt-server-pubcloud-2.6.8-1.2 on GA media (Moderate)
2021-08-10
oval:org.opensuse.security:def:62736
P
cups-pk-helper-0.2.6-1.36 on GA media (Moderate)
2021-08-09
oval:org.opensuse.security:def:64884
P
Security update for kubevirt (Moderate)
2021-07-21
oval:org.opensuse.security:def:74647
P
Security update for go1.15 (Important)
2021-06-30
oval:org.opensuse.security:def:64538
P
Security update for libgcrypt (Important)
2021-06-24
oval:org.opensuse.security:def:63532
P
dia-0.97.3-2.32 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:64469
P
Security update for opensc (Moderate)
2021-04-13
oval:org.opensuse.security:def:64675
P
Security update for zstd (Moderate)
2021-03-24
oval:org.opensuse.security:def:64674
P
Security update for python3 (Moderate)
2021-03-24
oval:org.opensuse.security:def:64325
P
Security update for ceph (Moderate)
2021-01-05
oval:org.opensuse.security:def:63630
P
libotr-devel-4.1.1-2.3 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:62713
P
perl-MIME-Charset-1.012.2-1.24 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:62913
P
osc-0.165.0-1.3 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:62712
P
perl-File-Path-2.150000-1.22 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63394
P
xalan-j2-2.7.2-2.41 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63134
P
clamsap-0.99.25-2.37 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63159
P
libfpm_pb0-1.1.1-2.29 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:64085
P
Security update for freetype2 (Important)
2020-12-01
oval:org.opensuse.security:def:63980
P
Security update for java-1_8_0-openjdk (Moderate)
2020-12-01
oval:org.opensuse.security:def:65054
P
Security update for libvirt (Important)
2020-12-01
oval:org.opensuse.security:def:63758
P
Security update for tcpdump (Moderate)
2020-12-01
oval:org.opensuse.security:def:75129
P
Security update for lout (Important)
2020-12-01
oval:org.opensuse.security:def:64219
P
bind-devel on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:63833
P
Security update for sqlite3 (Important)
2020-12-01
oval:org.opensuse.security:def:74521
P
Security update for freerdp (Important)
2020-12-01
oval:org.opensuse.security:def:64209
P
apparmor-abstractions on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:64942
P
Security update for xen (Important)
2020-12-01
oval:org.opensuse.security:def:74996
P
Security update for openconnect (Moderate)
2020-12-01
oval:org.opensuse.security:def:64427
P
pam_krb5 on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:103070
P
Security update for lout (Important)
2020-11-02
oval:org.opensuse.security:def:93543
P
Security update for lout (Important)
2020-11-02
oval:org.opensuse.security:def:96380
P
Security update for lout (Important)
2020-11-02
oval:org.opensuse.security:def:100256
P
Security update for lout (Important)
2020-11-02
oval:org.opensuse.security:def:109727
P
Security update for lout (Important)
2020-11-02
oval:org.opensuse.security:def:110271
P
Security update for lout (Important)
2020-10-29
oval:org.opensuse.security:def:110824
P
Security update for lout (Important)
2020-10-29
oval:com.ubuntu.disco:def:2019199180000000
V
CVE-2019-19918 on Ubuntu 19.04 (disco) - medium.
2019-12-20
oval:com.ubuntu.bionic:def:2019199180000000
V
CVE-2019-19918 on Ubuntu 18.04 LTS (bionic) - medium.
2019-12-20
oval:com.ubuntu.xenial:def:2019199180000000
V
CVE-2019-19918 on Ubuntu 16.04 LTS (xenial) - medium.
2019-12-20
BACK