1
Candidate: CVE-2017-2895
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2895
5
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0402
7
An exploitable arbitrary memory read vulnerability exists in the MQTT
8
packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted
9
MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read
10
potentially resulting in information disclosure and denial of service. An
11
attacker needs to send a specially crafted MQTT packet over the network to
12
trigger this vulnerability.
15
sbeattie> mongoose is used on windows only to serve up content for
24
upstream_smplayer: needs-triage
25
precise/esm_smplayer: DNE
26
trusty_smplayer: not-affected (windows only)
27
xenial_smplayer: not-affected (windows only)
28
zesty_smplayer: not-affected (windows only)
29
artful_smplayer: not-affected (windows only)
30
devel_smplayer: not-affected (windows only)