PT-2019-13786 · Adplug Team · Adplug

Alexander Miller

Publicado

2019-08-06

Atualizado

2021-02-22

CVE-2019-14692

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AdPlug version 2.3.1

Description The issue is a heap-based buffer overflow in the load() function of the CmkjPlayer class, located in the mkj.cpp file.

Recommendations For AdPlug version 2.3.1, consider avoiding the use of the load() function in the CmkjPlayer class until a patch is available. As a temporary workaround, restricting access to the mkj.cpp file or the CmkjPlayer class may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2019-14692

OPENSUSE-SU-2024:12762-1

Produtos afetados

Adplug

PT-2019-13786 · Adplug Team · Adplug

CVE-2019-14692

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10