CVE-2017-7274
MEDIUMradare2 <1.3.0 - DoS
Title source: llmDescription
The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.
Scores
CVSS v3
5.5
EPSS
0.0023
EPSS Percentile
45.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Classification
CWE
CWE-476
Status
published
Affected Products (2)
n/a/n/a
radare/radare2
Timeline
Published
Mar 27, 2017
Tracked Since
Feb 18, 2026