PT-2020-20042 · Nextcloud+1 · Nextcloud Desktop Client+1
René Freingruber
+1
·
Published
2020-08-17
·
Updated
2022-09-27
·
CVE-2020-8230
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
NextCloud Desktop Client version 2.6.4
Description
A memory corruption issue exists due to missing Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) protections in the Windows version of the software, allowing memory corruption.
Recommendations
For NextCloud Desktop Client version 2.6.4, consider updating to a newer version that includes ASLR and DEP protections to prevent memory corruption.
Fix
Buffer Overflow
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Nextcloud Desktop Client