PT-2015-3391 · Google+4 · Protobuf+4

Merlimat

Publicado

2015-08-27

Atualizado

2024-01-12

CVE-2015-5237

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions protobuf (affected versions not specified)

Description The issue is related to a heap-based buffer overflow that can be caused by remote authenticated attackers. It is associated with an error in handling an integer variable during the compilation of the protobuf library. This can potentially allow a remote attacker to execute arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-119

Identificadores relacionados

ALT-PU-2017-2591

BDU:2021-00232

CVE-2015-5237

ECHO-1CA1-F94C-B75C

GHSA-JWVW-V7C5-M82H

PYSEC-2017-150

PYSEC-2017-65

USN-5769-1

Produtos afetados

Alt Linux

Astra Linux

Debian

Ubuntu

Protobuf

PT-2015-3391 · Google+4 · Protobuf+4

CVE-2015-5237

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 86