VDB
CVE-2017-10989
CVE-2017-10989
PUBLISHED
CVSS 9.800000190734863 CRITICAL
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mis-handles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly un-specified other impact.
EPSS 13.11% · 94.3th percentile
Risk Scores
CVSS 3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
EPSS Score
13.11%
94.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB Ability Camera Connect <=2.0.0.42 | |
| ABB | B&R Industrial Automation GmbH Automation Studio <6.5 | |
| ABB | ABB B&R Automation Studio <6.5 |
Exploit Intelligence
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- cve-2017-17485 PoC (github-poc)
- cve-2017-17485 PoC (github-poc)
- cve-2017-17485 PoC (github-poc)
…and 69 more exploits
Timeline
- Jul 7, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 18, 2025 EPSS Score
- Mar 19, 2025 EPSS Score
- Mar 23, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- Mar 31, 2025 EPSS Score
- Apr 2, 2025 EPSS Score
- Apr 5, 2025 EPSS Score
- Apr 13, 2025 EPSS Score
References
- https://psirt.abb.com/csaf/2026/sa25p007.json advisory
- https://www.br-automation.com/fileadmin/SA25P007-097a386d.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-10989 advisory
- https://psirt.abb.com/csaf/2026/4hzm000604.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=4HZM000604&LanguageCode=en&DocumentPartId=PDF&Action=Launch advisory