CVE-2018-20375

Опубликовано: 23 дек. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the sym_pop function in tccgen.c.

Ссылки

https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00014.html
Exploit
Mailing List
Third Party Advisory
https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00014.html
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tinycc:tinycc:0.9.27:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00165

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-20375

CVSS3: 5.5

ubuntu

около 7 лет назад

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the sym_pop function in tccgen.c.

CVE-2018-20375

CVSS3: 5.5

debian

около 7 лет назад

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...

GHSA-r345-v8vm-cxpg

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the sym_pop function in tccgen.c.

EPSS

Процентиль: 38%

0.00165

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787