First published: Fri Aug 18 2017(Updated: )
There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU PSPP | =0.11.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-12961 is classified as a denial of service vulnerability that can lead to crashes and service disruptions.
To fix CVE-2017-12961, upgrade to GNU PSPP version 1.0.1 or later, which addresses this vulnerability.
CVE-2017-12961 is caused by an assertion abort in the parse_attributes() function in the libpspp library.
GNU PSPP versions prior to 1.0.1, including version 0.11.0, are affected by CVE-2017-12961.
Yes, CVE-2017-12961 allows for remote denial of service through crafted input that triggers the vulnerability.