PT-2012-2947 · Renren · Renren Talk
Published
2012-01-24
·
Updated
2012-01-25
·
CVE-2012-0915
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
RenRen Talk version 2.9
Description
The issue is caused by an integer signedness error that allows remote attackers to execute arbitrary code via crafted dimensions of a skin file. This leads to a heap-based buffer overflow, which can be demonstrated using a crafted BMP image.
Recommendations
For RenRen Talk version 2.9, update to a newer version that contains a fix for this issue to prevent remote attackers from executing arbitrary code.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Renren Talk