Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-35969

Опубликовано: 08 янв. 2024
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of FST_BL_VCDATA and FST_BL_VCDATA_DYN_ALIAS section types.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:tonybybell:gtkwave:3.3.115:*:*:*:*:*:*:*

EPSS

Процентиль: 13%
0.00043
Низкий

7.8 High

CVSS3

Дефекты

CWE-119
CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2023-35969

CVSS3: 7.8
ubuntu
около 2 лет назад

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types.

debian логотип

CVE-2023-35969

CVSS3: 7.8
debian
около 2 лет назад

Multiple heap-based buffer overflow vulnerabilities exist in the fstRe ...

github логотип

GHSA-hp86-fc6r-wg46

CVSS3: 7.8
github
около 2 лет назад

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types.

EPSS

Процентиль: 13%
0.00043
Низкий

7.8 High

CVSS3

Дефекты

CWE-119
CWE-787