PT-2015-5894 · Byzanz+1 · Byzanz+1
Murray Mcallister
·
Publicado
2015-03-29
·
Atualizado
2015-03-30
·
CVE-2015-2785
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Byzanz (affected versions not specified)
Description
The issue concerns a crafted Byzanz debug data recording (ByzanzRecording file) that can be used to cause a denial of service or possibly execute arbitrary code when played back using the byzanz-playback command. This is due to an out-of-bounds heap write in the GIF encoder.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Byzanz
Debian