PT-2018-9232 · Nasa · Nasa Singledop
Publicado
2018-02-09
·
Atualizado
2018-03-01
·
CVE-2018-1000045
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
NASA Singledop version v1.0
Description:
The issue is related to a remote code execution flaw in the NASA Singledop library, specifically affecting the Weather data component. This can be exploited when a victim opens a specially crafted radar data file, allowing for potential remote code execution.
Recommendations:
For NASA Singledop version v1.0, update to version v1.1 to resolve the issue.
Correção
Deserialization of Untrusted Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nasa Singledop