PT-2026-28748 · Mxml · Mxml

Mthg

Publicado

2026-01-01

Atualizado

2026-04-11

CVE-2026-5037

CVSS v3.1

3.3

Baixa

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions mxml versions up to 4.0.4

Description A flaw exists in mxml up to version 4.0.4 related to a stack-based buffer overflow. The issue resides within the index sort function in the mxml-index.c file, specifically within the mxmlIndexNew component. Manipulation of the tempr argument can trigger the overflow, limiting exploitation to local execution. The exploit has been publicly disclosed.

Recommendations Apply patch 6e27354466092a1ac65601e01ce6708710bb9fa5 to remediate this issue.

Exploit

Correção

Stack Overflow

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121CWE-119

Identificadores relacionados

CVE-2026-5037

OESA-2026-1860

Produtos afetados

Mxml

PT-2026-28748 · Mxml · Mxml

CVE-2026-5037

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 17