Description
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.
References (8)
Core 8
Core References
Exploit, Third Party Advisory x_refsource_misc
http://www.talosintelligence.com/reports/TALOS-2016-0164/
Exploit, Third Party Advisory x_refsource_misc
http://blog.talosintel.com/2016/06/esnet-vulnerability.html
Release Notes, Third Party Advisory x_refsource_confirm
http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released
Third Party Advisory x_refsource_confirm
https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc
Patch, Third Party Advisory x_refsource_confirm
https://github.com/esnet/iperf/commit/91f2fa59e8ed80dfbf400add0164ee0e508e412a
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2016-08/msg00082.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2016-08/msg00090.html
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/01/msg00023.html
Scores
CVSS v3
9.8
EPSS
0.0573
EPSS Percentile
90.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (5)
debian/debian_linux
8.0
es/iperf3
3.0 - 3.0.12
novell/suse_package_hub_for_suse_linux_enterprise
12
opensuse/leap
42.1
opensuse/opensuse
13.2
Published
Sep 26, 2016
Tracked Since
Feb 18, 2026