CVE-2015-10088 — Vulnetix

CVE-2015-10088 PUBLISHED

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 40e04680018614a7d2b68566b261b061a0597046. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222267.

EPSS 0.47% · 65.0th percentile

Risk Scores

EPSS Score

0.47%

65.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	ayttm	0, 0.6.3-3build1

Exploit Intelligence

https://vuldb.com/?id.222267 (circl)
https://vuldb.com/?ctiid.222267 (circl)
https://sourceforge.net/p/ayttm/mailman/message/34397158/ (circl)
https://github.com/ayttm/ayttm/commit/40e04680018614a7d2b68566b261b061a0597046 (circl)

Timeline

Mar 5, 2023 EPSS Score
Mar 5, 2023 CVE Published
Mar 7, 2023 EPSS Score
Apr 13, 2023 EPSS Score
May 22, 2023 EPSS Score
Jun 30, 2023 EPSS Score
Aug 8, 2023 EPSS Score
Sep 16, 2023 EPSS Score
Oct 25, 2023 EPSS Score
Dec 3, 2023 EPSS Score
Jan 12, 2024 EPSS Score
Feb 20, 2024 EPSS Score

References

https://ubuntu.com/security/CVE-2015-10088 third-party-advisory
https://sourceforge.net/p/ayttm/mailman/message/34397158/ third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2015-10088 third-party-advisory

Open in Interactive Console →