{"containers":{"cna":{"providerMetadata":{"orgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","shortName":"intel","dateUpdated":"2023-05-12T13:18:44.728Z"},"problemTypes":[{"descriptions":[{"lang":"en","description":"Escalation of Privilege and/or Denial of Service"},{"lang":"en","description":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","cweId":"CWE-120","type":"CWE"}]}],"affected":[{"vendor":"n/a","product":"Extensible Firmware Interface Development Kit (EDK II)","versions":[{"status":"affected","version":"N/A"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access."}],"references":[{"name":"https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html","url":"https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_0":{"version":"3.0","baseScore":8.7,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"}}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T17:44:14.514Z"},"title":"CVE Program Container","references":[{"name":"https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html","url":"https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html","tags":["x_transferred"]}]}]},"cveMetadata":{"assignerOrgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","assignerShortName":"intel","cveId":"CVE-2019-0160","datePublished":"2019-03-27T19:20:26.000Z","dateReserved":"2018-11-13T00:00:00.000Z","dateUpdated":"2024-08-04T17:44:14.514Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}