exploitDog

CVE-2021-32471

Опубликовано: 10 мая 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."

Ссылки

https://arxiv.org/abs/2105.02124
Third Party Advisory
https://github.com/intrinsic-propensity/turing-machine
Exploit
Third Party Advisory
https://arxiv.org/abs/2105.02124
Third Party Advisory
https://github.com/intrinsic-propensity/turing-machine
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mit:universal_turing_machine:-:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05434

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-wqw3-6p9p-84x8

github

больше 3 лет назад

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."

EPSS

Процентиль: 90%

0.05434

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-20