PT-2018-4888 · Partclone · Partclone
David Gnedt
·
Publicado
2018-05-02
·
Atualizado
2018-06-06
·
CVE-2016-10721
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Partclone version 0.2.87
Description
The issue is due to insufficient validation of the partclone image header in the partclone.restore function, leading to a heap-based buffer overflow. This could allow an attacker to execute arbitrary code in the context of the user running the affected application.
Recommendations
For Partclone version 0.2.87, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Partclone