exploitDog

CVE-2023-32270

Опубликовано: 19 июн. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Access of memory location after end of buffer issue exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

Ссылки

https://jvn.jp/en/vu/JVNVU98818508/
Third Party Advisory
https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php
Release Notes
https://jvn.jp/en/vu/JVNVU98818508/
Third Party Advisory
https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php
Release Notes

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fujielectric:tellus:4.0.15.0:*:*:*:*:*:*:*

cpe:2.3:a:fujielectric:tellus_lite:4.0.15.0:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00062

Низкий

7.8 High

CVSS3

Дефекты

CWE-119

CWE-125

Связанные уязвимости

GHSA-6hcr-fc2v-8wg6

CVSS3: 7.8

github

больше 2 лет назад

Access of memory location after end of buffer issue exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

EPSS

Процентиль: 19%

0.00062

Низкий

7.8 High

CVSS3

Дефекты

CWE-119

CWE-125