Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-8972

Опубликовано: 29 окт. 2016
Источник: redhat
CVSS3: 7.8
CVSS2: 5.1

Описание

Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6gnuchessNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=1395209gnuchess: Stack-based buffer overflow on user move input

7.8 High

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-8972

CVSS3: 9.8
ubuntu
около 9 лет назад

Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.

nvd логотип

CVE-2015-8972

CVSS3: 9.8
nvd
около 9 лет назад

Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.

debian логотип

CVE-2015-8972

CVSS3: 9.8
debian
около 9 лет назад

Stack-based buffer overflow in the ValidateMove function in frontend/m ...

suse-cvrf логотип

openSUSE-SU-2016:2888-1

suse-cvrf
около 9 лет назад

Security update for gnuchess

github логотип

GHSA-m3c3-j429-9q78

CVSS3: 9.8
github
больше 3 лет назад

Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.

7.8 High

CVSS3

5.1 Medium

CVSS2