PT-2012-2410 · Socat+1

Johan Thillemann · Published 2012-06-21 · Updated 2014-05-10 · CVE-2012-0219

CVSS v2.0: 6.2 (Medium)

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

socat versions 1.4.0.0 through 1.7.2.0
socat versions 2.0.0-b1 through 2.0.0-b4

Description

A heap-based buffer overflow exists in the xioscan_readline function in the xio-readline.c file. It allows local users to execute arbitrary code via the READLINE address.

Recommendations

For socat versions 1.4.0.0 through 1.7.2.0, update to a version outside of this range to resolve the issue.
For socat versions 2.0.0-b1 through 2.0.0-b4, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to the xioscan_readline function in the xio-readline.c file until a patch is available.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2012-0219

Affected Products

Suse
Socat