cvedb.io
CVE-2018-1000524
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2018-06-26T16:29:01.507 · Last modified 2026-06-17T01:32:50.353

Summary

miniSphere version 5.2.9 and earlier contains a Integer Overflow vulnerability in layer_resize() function in map_engine.c that can result in remote denial of service. This attack appear to be exploitable via the victim must load a specially-crafted map which calls SetLayerSize in its entry script. This vulnerability appears to have been fixed in 5.0.3, 5.1.5, 5.2.10 and later.

Affected products

spheredev — minisphere

Does this affect you?

Add your gear to cvedb and we'll alert you only when spheredev ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.