vulnerability
FreeBSD: VID-b8ee7a81-a879-4358-9b30-7dd1bd4c14b1 (CVE-2016-10196): libevent -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Apr 19, 2017 | Apr 20, 2017 | Dec 10, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Apr 19, 2017
Added
Apr 20, 2017
Modified
Dec 10, 2025
Description
Debian Security reports: CVE-2016-10195: The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read. CVE-2016-10196: Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument. CVE-2016-10197: The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.
Solutions
freebsd-upgrade-package-libeventfreebsd-upgrade-package-libevent2freebsd-upgrade-package-linux-c6-libevent2freebsd-upgrade-package-linux-c7-libevent
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.