PT-2017-14125 · Gnu+2 · Gnu Libextractor+2
Leon Zhao
·
Publicado
2017-10-17
·
Atualizado
2020-11-23
·
CVE-2017-15601
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
GNU Libextractor version 1.4
Description
The issue is related to a heap-based buffer overflow in the
EXTRACTOR png extract method function, specifically in the processing of TXt and the use of stndup.Recommendations
For GNU Libextractor version 1.4, consider disabling the
EXTRACTOR png extract method function in plugins/png extractor.c until a patch is available.Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Gnu Libextractor
Ubuntu