Описание
StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32_t(m_BufferSize-m_InputSize) even though m_InputSize can exceed m_BufferSize.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party Advisory
- Product
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party Advisory
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.27 (исключая)
cpe:2.3:a:renderdoc:renderdoc:*:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00188
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-190
CWE-190
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 2 лет назад
StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32_t(m_BufferSize-m_InputSize) even though m_InputSize can exceed m_BufferSize.
CVSS3: 9.8
debian
больше 2 лет назад
StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Inte ...
CVSS3: 9.8
github
больше 2 лет назад
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2).
EPSS
Процентиль: 41%
0.00188
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-190
CWE-190