CVE-2015-5957

Name of the Vulnerable Software and Affected Versions Remind versions prior to 3.1.15

Description The issue is related to a buffer overflow in the DumpSysVar function, located in var.c, which can be exploited by attackers to have an unspecified impact via a long name. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial of service.

Recommendations For versions prior to 3.1.15, update to version 3.1.15 or later to resolve the issue. As a temporary workaround, consider restricting input to prevent long names from being processed by the DumpSysVar function until a patch is available.