CVE-2019-14274

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions MCPP version 2.7.2

Description The issue is a heap-based buffer overflow in the do msg() function located in support.c. This overflow can potentially lead to arbitrary code execution, allowing an attacker to execute malicious code on the affected system.

Recommendations For MCPP version 2.7.2, as a temporary workaround, consider disabling the do msg() function until a patch is available. However, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

AZL-34973

AZL-6679

CVE-2019-14274

OPENSUSE-SU-2020:0382-1

OPENSUSE-SU-2020:0391-1

OPENSUSE-SU-2020_0382-1

OPENSUSE-SU-2024:11044-1

ROSA-SA-2025-2565

Affected Products

Mcpp

Suse

CVE-2019-14274

Weakness Enumeration

Related Identifiers

Affected Products

References · 23