Integer Overflow Vulnerability in libmtp's ptp_unpack_EOS_CustomFuncEx Function

Integer Overflow Vulnerability in libmtp's ptp_unpack_EOS_CustomFuncEx Function

CVE-2017-9831 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.

Learn more about our Cis Benchmark Audit For Ibm I.