vulnerability

FreeBSD: VID-28481349-7E20-4F80-AE1E-E6BF48D4F17C (CVE-2020-12863): Sane -- Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:A/AC:L/Au:N/C:P/I:N/A:N)	05/17/2020	05/29/2020	10/20/2020

Severity

CVSS

(AV:A/AC:L/Au:N/C:P/I:N/A:N)

Published

05/17/2020

Added

05/29/2020

Modified

10/20/2020

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From VID-28481349-7E20-4F80-AE1E-E6BF48D4F17C:

The Sane Project reports:

epson2: fixes CVE-2020-12867 (GHSL-2020-075) and several memory management issues found while addressing that CVE

epsonds: addresses out-of-bound memory access issues to fix CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083), addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084) and disables network autodiscovery to mitigate CVE-2020-12866 (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864 (GHSL-2020-081). Note that this backend does not support network scanners to begin with.

magicolor: fixes a floating point exception and uninitialized data read

fixes an overflow in sanei_tcp_read()

Solution

freebsd-upgrade-package-sane-backends

References

NVD-CVE-2020-12863

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today