PT-2020-8670 · Unknown · Ken Silverman Build Engine

Published

2020-03-02

Updated

2020-03-04

CVE-2018-20343

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Ken Silverman Build Engine version 1

Description: The issue concerns multiple buffer overflow vulnerabilities. An attacker could craft a special map file to execute arbitrary code when the map file is loaded.

Recommendations: For Ken Silverman Build Engine version 1, consider avoiding the use of map files from untrusted sources until a fix is available. As a temporary workaround, restrict the loading of map files to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2018-20343

Affected Products

Ken Silverman Build Engine

PT-2020-8670 · Unknown · Ken Silverman Build Engine

CVE-2018-20343

Weakness Enumeration

Related Identifiers

Affected Products

References · 4