Описание
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can manipulate the value of a function pointer used in op_write in sr_port/op_write.c in order to gain control of the flow of execution.
Ссылки
- ExploitRelease NotesThird Party Advisory
- ExploitRelease NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.0-000 (включая)Версия до 1.32 (включая)
Одно из
cpe:2.3:a:fisglobal:gt.m:*:*:*:*:*:*:*:*
cpe:2.3:a:yottadb:yottadb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01018
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can manipulate the value of a function pointer used in op_write in sr_port/op_write.c in order to gain control of the flow of execution.
EPSS
Процентиль: 77%
0.01018
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo