Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2002-2439

Опубликовано: 23 окт. 2019
Источник: nvd
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:gnu:gcc:*:*:*:*:*:*:*:*
Версия до 4.8.0 (исключая)

EPSS

Процентиль: 30%
0.00106
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2002-2439

CVSS3: 7.8
ubuntu
больше 5 лет назад

operator new[] sometimes returns pointers to heap blocks which are too small. When a new array is allocated, the C++ run-time has to calculate its size. The product may exceed the maximum value which can be stored in a machine register. This error is ignored, and the truncated value is used for the heap allocation. This may lead to heap overflows and therefore security bugs. (See http://cert.uni-stuttgart.de/advisories/calloc.php for further references.)

redhat логотип

CVE-2002-2439

redhat
почти 23 года назад

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

debian логотип

CVE-2002-2439

CVSS3: 7.8
debian
больше 5 лет назад

Integer overflow in the new[] operator in gcc before 4.8.0 allows atta ...

github логотип

GHSA-mm8j-7g3h-x2mj

CVSS3: 7.8
github
около 3 лет назад

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

EPSS

Процентиль: 30%
0.00106
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-190