PT-2020-14923 · Readytalk · Readytalk Avian

Pietro Oliva · Published 2020-08-12 · Updated 2024-08-04 · CVE-2020-17361

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

ReadyTalk Avian version 1.2.0

Description

An issue was discovered in the vm::arrayCopy method defined in classpath-common.h, which returns silently when a negative length is provided, instead of throwing an exception. This could result in data being lost during the copy, with varying consequences depending on the subsequent use of the destination buffer. The issue only affects products that are no longer supported by the maintainer.

Recommendations

For ReadyTalk Avian version 1.2.0, consider disabling the vm::arrayCopy method until a patch is available, or apply alternative mitigation measures to prevent potential data loss. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
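
The behaviour in the description, as an added illustration that is not Avian's source code: a simplified model where a silent return on negative length leaves the destination holding stale data, next to a variant that rejects it. The names arrayCopySilent, arrayCopyChecked, copyFails and inRange are hypothetical, and std::out_of_range stands in for the Java exception.

```cpp
// Added illustration: a simplified model of the flaw, not Avian's source.
#include <cstdint>
#include <cstring>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<int8_t>;

// True when [off, off+len) lies inside the array; 64-bit math avoids overflow.
static bool inRange(const Bytes& a, int32_t off, int32_t len) {
  return off >= 0 && len >= 0 &&
         static_cast<int64_t>(off) + len <= static_cast<int64_t>(a.size());
}

// Behaviour described in the advisory: a negative length returns with no error.
void arrayCopySilent(const Bytes& src, int32_t sOff, Bytes& dst, int32_t dOff,
                     int32_t len) {
  if (len <= 0) return;  // negative length is swallowed here
  if (!inRange(src, sOff, len) || !inRange(dst, dOff, len))
    throw std::out_of_range("index out of bounds");
  std::memmove(dst.data() + dOff, src.data() + sOff, static_cast<std::size_t>(len));
}

// Hardened variant: a negative length is an error, as Java's
// System.arraycopy contract requires (IndexOutOfBoundsException).
void arrayCopyChecked(const Bytes& src, int32_t sOff, Bytes& dst, int32_t dOff,
                      int32_t len) {
  if (!inRange(src, sOff, len) || !inRange(dst, dOff, len))
    throw std::out_of_range("index out of bounds");
  if (len > 0)
    std::memmove(dst.data() + dOff, src.data() + sOff, static_cast<std::size_t>(len));
}

// Constructed scenario: the caller derives the length from swapped bounds.
// Returns true when the copy failed loudly, false when it appeared to succeed.
template <typename Copy>
bool copyFails(Copy copy, Bytes& dst) {
  const Bytes src = {1, 2, 3, 4};
  const int32_t start = 3, end = 1;  // constructed bad input: length is -2
  try { copy(src, 0, dst, 0, end - start); }
  catch (const std::out_of_range&) { return true; }
  return false;  // caller now trusts dst, which still holds its old content
}

int main() {
  Bytes stale = {9, 9, 9, 9};
  bool silent = copyFails(arrayCopySilent, stale);
  return (!silent && copyFails(arrayCopyChecked, stale)) ? 0 : 1;
}
```
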

Exploit

Weakness Enumeration

Improper Handling of Exceptional Conditions

Related Identifiers

CVE-2020-17361

Affected Products

Readytalk Avian