CWE-509
Replicating Malicious Code (Virus or Worm)
Replicating malicious code, including viruses and worms, will attempt to attack other systems once it has successfully compromised the target system or the product.
CVE-2017-16127 (GCVE-0-2017-16127)
Vulnerability from cvelistv5
Published
2018-06-07 02:00
Modified
2024-09-16 22:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-509 - Replicating Malicious Code (Virus or Worm) ()
Summary
The module pandora-doomsday infects other modules. It's since been unpublished from the registry.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HackerOne | pandora-doomsday node module |
Version: All versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:13:07.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodesecurity.io/advisories/482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "pandora-doomsday node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2018-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The module pandora-doomsday infects other modules. It\u0027s since been unpublished from the registry."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-509",
"description": "Replicating Malicious Code (Virus or Worm) (CWE-509)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T01:57:01",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodesecurity.io/advisories/482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "pandora-doomsday node module",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The module pandora-doomsday infects other modules. It\u0027s since been unpublished from the registry."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Replicating Malicious Code (Virus or Worm) (CWE-509)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/482",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2017-16127",
"datePublished": "2018-06-07T02:00:00Z",
"dateReserved": "2017-10-29T00:00:00",
"dateUpdated": "2024-09-16T22:51:09.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Operation
Description:
- Antivirus software scans for viruses or worms.
Mitigation
Phase: Installation
Description:
- Always verify the integrity of the software that is being installed.
No CAPEC attack patterns related to this CWE.