CVE-2019-15234

HIGH

Shareit < 4.0.6.177 - Resource Allocation Without Limits

Title source: rule

Description

SHAREit through 4.0.6.177 does not check the full message length from the received packet header (which is used to allocate memory for the next set of data). This could lead to a system denial of service due to uncontrolled memory allocation. This is different from CVE-2019-14941.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://shareit.one/blog/

Exploit, Third Party Advisory x_refsource_misc

https://github.com/nathunandwani/shareit-cwe-789

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0037

EPSS Percentile 58.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-770

Status published

Products (1)

ushareit/shareit < 4.0.6.177

Published Apr 27, 2020

Tracked Since Feb 18, 2026