Описание
SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. 0xffffffff is sign-extended to 0xffffffffffffffff (SIZE_MAX) and then there is an attempt to add 1.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party Advisory
- Product
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party Advisory
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.27 (исключая)
cpe:2.3:a:renderdoc:renderdoc:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00177
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-190
CWE-190
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 2 лет назад
SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. 0xffffffff is sign-extended to 0xffffffffffffffff (SIZE_MAX) and then there is an attempt to add 1.
CVSS3: 9.8
debian
больше 2 лет назад
SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow wit ...
CVSS3: 9.8
github
больше 2 лет назад
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2).
EPSS
Процентиль: 39%
0.00177
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-190
CWE-190