Sane Backends
by Sane
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6318 | Hig | 0.49 | 7.5 | 0.03 | Mar 20, 2017 | saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. | ||
| CVE-2003-0777 | 0.00 | — | 0.02 | Sep 22, 2003 | saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault). | |||
| CVE-2003-0776 | 0.00 | — | 0.02 | Sep 22, 2003 | saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | |||
| CVE-2003-0778 | 0.00 | — | 0.02 | Sep 22, 2003 | saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption). |
- risk 0.49cvss 7.5epss 0.03
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.
- CVE-2003-0777Sep 22, 2003risk 0.00cvss —epss 0.02
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
- CVE-2003-0776Sep 22, 2003risk 0.00cvss —epss 0.02
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
- CVE-2003-0778Sep 22, 2003risk 0.00cvss —epss 0.02
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).