The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.
2017-07-07T17:29:00.307
2025-04-20T01:37:25.860
Deferred
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | c-ares | c-ares | 1.8.0 | Yes |
| Application | c-ares | c-ares | 1.9.0 | Yes |
| Application | c-ares | c-ares | 1.9.1 | Yes |
| Application | c-ares | c-ares | 1.10.0 | Yes |
| Application | c-ares | c-ares | 1.12.0 | Yes |
| Application | c-ares_project | c-ares | 1.11.0 | Yes |
| Application | c-ares_project | c-ares | 1.11.0 | Yes |
| Application | nodejs | node.js | ≤ 4.1.2 | Yes |
| Application | nodejs | node.js | < 4.8.4 | Yes |
| Application | nodejs | node.js | ≤ 5.12.0 | Yes |
| Application | nodejs | node.js | ≤ 6.8.1 | Yes |
| Application | nodejs | node.js | < 6.11.1 | Yes |
| Application | nodejs | node.js | < 7.10.1 | Yes |
| Application | nodejs | node.js | < 8.1.4 | Yes |