PT-2026-6816 · Unknown · Asc Timetables

Ismael Nava

Publicado

2026-02-06

Atualizado

2026-02-07

CVE-2020-37109

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions aSc TimeTables version 2020.11.4

Description The application can be crashed, leading to a denial of service, by overwriting the Subject title field with a large buffer. An attacker can generate a 1000-character buffer and paste it into the Subject title to trigger an application crash and potential instability. The vulnerable field is the Subject title.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120

Identificadores relacionados

CVE-2020-37109

Produtos afetados

Asc Timetables

PT-2026-6816 · Unknown · Asc Timetables

CVE-2020-37109

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6