PT-2019-13577 · Mcpp+1 · Mcpp+1

Frederic Cambus

Publicado

2019-07-26

Atualizado

2025-01-13

CVE-2019-14274

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions MCPP version 2.7.2

Description The issue is a heap-based buffer overflow in the do msg() function located in support.c. This overflow can potentially lead to arbitrary code execution, allowing an attacker to execute malicious code on the affected system.

Recommendations For MCPP version 2.7.2, as a temporary workaround, consider disabling the do msg() function until a patch is available. However, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

AZL-34973

AZL-6679

CVE-2019-14274

OPENSUSE-SU-2020:0382-1

OPENSUSE-SU-2020:0391-1

OPENSUSE-SU-2020_0382-1

OPENSUSE-SU-2024:11044-1

ROSA-SA-2025-2565

Produtos afetados

Mcpp

Suse

PT-2019-13577 · Mcpp+1 · Mcpp+1

CVE-2019-14274

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 23