PT-2023-21768 · Rocket · Unidata+1

Ron Bowes

Publicado

2023-03-29

Atualizado

2023-04-06

CVE-2023-28508

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Rocket Software UniData versions prior to 8.2.4 build 3003 Rocket Software UniVerse versions prior to 11.3.5 build 1001 Rocket Software UniVerse versions prior to 12.2.1 build 2002

Description The issue is a heap-based overflow vulnerability. Certain input can corrupt the heap and crash the forked process.

Recommendations For Rocket Software UniData versions prior to 8.2.4 build 3003, update to version 8.2.4 build 3003 or later. For Rocket Software UniVerse versions prior to 11.3.5 build 1001, update to version 11.3.5 build 1001 or later. For Rocket Software UniVerse versions prior to 12.2.1 build 2002, update to version 12.2.1 build 2002 or later.

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-120

Identificadores relacionados

CVE-2023-28508

Produtos afetados

Unidata

Universe

PT-2023-21768 · Rocket · Unidata+1

CVE-2023-28508

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5