cvedb.io
CVE-2017-3158
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2018-01-18T20:29:00.257 · Last modified 2026-06-17T01:17:38.367

Summary

A race condition in Guacamole's terminal emulator in versions 0.9.5 through 0.9.10-incubating could allow writes of blocks of printed data to overlap. Such overlapping writes could cause packet data to be misread as the packet length, resulting in the remaining data being written beyond the end of a statically-allocated buffer.

Affected products

apache — guacamole

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.