Описание
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| unadf | fixed | 0.7.11a-6 | package | |
| unadf | fixed | 0.7.11a-5+deb12u1 | bookworm | package |
| unadf | fixed | 0.7.11a-4+deb11u1 | bullseye | package |
Примечания
Fixed by: https://github.com/lclevy/ADFlib/commit/8e973d7b894552c3a3de0ccd2d1e9cb0b8e618dd
The changes between 0.7.11a-3 and 0.7.11a-4 did not include the upstream fix.
EPSS
Процентиль: 96%
0.27593
Средний
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 9 лет назад
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
CVSS3: 9.8
nvd
больше 9 лет назад
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
CVSS3: 9.8
github
больше 3 лет назад
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
EPSS
Процентиль: 96%
0.27593
Средний