Описание
Stack-based buffer overflow in the AT&T Connect Participant Application before 9.5.51 on Windows allows remote attackers to execute arbitrary code via a malformed .SVT file.
Ссылки
- PatchUS Government Resource
- PatchUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 9.5.0 (включая)
Одно из
cpe:2.3:a:att:connect_participant_application:*:*:*:*:*:*:*:*
cpe:2.3:a:att:connect_participant_application:8.5.71:*:*:*:*:*:*:*
cpe:2.3:a:att:connect_participant_application:8.9.35:*:*:*:*:*:*:*
cpe:2.3:a:att:connect_participant_application:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:att:connect_participant_application:9.0.82:*:*:*:*:*:*:*
cpe:2.3:a:att:connect_participant_application:9.2.0:*:*:*:*:*:*:*
cpe:2.3:a:att:connect_participant_application:9.3.0:*:*:*:*:*:*:*
cpe:2.3:a:att:connect_participant_application:9.3.14:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05855
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in the AT&T Connect Participant Application before 9.5.51 on Windows allows remote attackers to execute arbitrary code via a malformed .SVT file.
EPSS
Процентиль: 90%
0.05855
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-119