{"id":"CVE-2017-9831","details":"An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.","modified":"2026-05-18T11:32:06.430365Z","published":"2017-06-24T00:29:00.180Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/04/msg00003.html"},{"type":"FIX","url":"https://sourceforge.net/p/libmtp/mailman/message/35735992/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libmtp/libmtp","events":[{"introduced":"0"},{"last_affected":"b14b8a0ea2371920030e84ffa0a7c2378c31f338"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:libmtp_project:libmtp:1.1.12:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"1.1.12"}]}}],"versions":["libmtp-1-1-12","libmtp-1-1-11","libmtp-1-1-10","libmtp-1-1-9","libmtp-1-1-8","libmtp-1-1-7","libmtp-1-1-6","libmtp-1-1-5","libmtp-1-1-4","libmtp-1-1-3","libmtp-1-1-2","libmtp-1-1-1","libmtp-1-1-0","libmtp-1-0-6","libmtp-1-0-5","libmtp-1-0-3","libmtp-1-0-2","libmtp-1-0-1","libmtp-1-0-0","libmtp-0-3-7","libmtp-0-3-6","libmtp-0-3-5","libmtp-0-3-4","libmtp-0-3-3","libmtp-0-3-2","libmtp-0-3-1","libmtp-0-3-0","libmtp-0-2-6-1","libmtp-0-2-6","libmtp-0-2-5","libmtp-0-2-4","libmtp-0-2-3","libmtp-0-2-2","libmtp-0-2-1","libmtp-0-2-0","libmtp-0-1-5","libmtp-0-1-4","libmtp-0-1-3","libmtp-0-1-2","libmtp-0-1-1","libmtp-0-1-0","libmtp-0-0-21","libmtp-0-0-20","libmtp-0-0-19","libmtp-0-0-18","libmtp-0-0-17","libmtp-0-0-16","libmtp-0-0-15","libmtp-0-0-14","libmtp-0-0-13","libmtp-0-0-12","libmtp-0-0-11","libmtp-0-0-9","libmtp-0-0-8","libmtp-0-0-7","libmtp-0-0-6","libmtp-0-0-4","libmtp-0-0-3","libmtp-0-0-2","libmtp-0-0-1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-9831.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}