Описание
xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | released | 0.11-1ubuntu0.1 |
| esm-apps/noble | released | 1.00-2ubuntu0.24.04.1 |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | released | 0.11-1ubuntu0.1 |
| noble | released | 1.00-2ubuntu0.24.04.1 |
| oracular | released | 1.00-2ubuntu0.24.10.1 |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment.
xfpt versions prior to 1.01 fails to handle appropriately some paramet ...
xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment.
Уязвимость конвертора текста в структуру XML-файла XFPT, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3