PT-2023-21765 · Rocket · Unidata+1

Ron Bowes

Publicado

2023-03-29

Atualizado

2023-04-06

CVE-2023-28504

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Rocket Software UniData versions prior to 8.2.4 build 3003 Rocket Software UniVerse versions prior to 11.3.5 build 1001 Rocket Software UniVerse versions prior to 12.2.1 build 2002

Description The issue is a stack-based buffer overflow that can lead to remote code execution as the root user.

Recommendations For Rocket Software UniData versions prior to 8.2.4 build 3003, update to version 8.2.4 build 3003 or later. For Rocket Software UniVerse versions prior to 11.3.5 build 1001, update to version 11.3.5 build 1001 or later. For Rocket Software UniVerse versions prior to 12.2.1 build 2002, update to version 12.2.1 build 2002 or later.

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-120

Identificadores relacionados

CVE-2023-28504

Produtos afetados

Unidata

Universe

PT-2023-21765 · Rocket · Unidata+1

CVE-2023-28504

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4