PT-2019-13742 · Gnu+1 · Gnucobol+1
Published
2019-08-02
·
Updated
2021-04-28
·
CVE-2019-14541
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
GnuCOBOL version 2.2
Description
The issue is a stack-based buffer overflow in the
cb encode program id function, located in cobc/typeck.c, which can be triggered by crafted COBOL source code.Recommendations
For GnuCOBOL version 2.2, consider applying a patch or fix that addresses the buffer overflow in the
cb encode program id function to prevent potential exploitation.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Gnucobol