Описание
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 3.1.7 (включая)
Одно из
cpe:2.3:a:tptest:tptest:*:*:*:*:*:*:*:*
cpe:2.3:a:tptest:tptest:5.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09656
Низкий
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 93%
0.09656
Низкий
10 Critical
CVSS2
Дефекты
CWE-119