Описание
An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| openbabel | unfixed | package | ||
| openbabel | postponed | trixie | package | |
| openbabel | postponed | bookworm | package | |
| openbabel | no-dsa | bullseye | package | |
| openbabel | postponed | buster | package |
Примечания
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1667
https://github.com/openbabel/openbabel/issues/2650
Связанные уязвимости
An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Уязвимость функции WriteMoleculeCSRFormat программного обеспечения преобразования форматов файлов химических веществ Open Babel, позволяющая нарушителю выполнить произвольный код