PT-2022-20172 · V-Server+1 · V-Server+1

Michael Heinzl

Published

2022-06-16

Updated

2022-06-27

CVE-2022-30549

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions V-Server versions 4.0.11.0 and earlier V-Server Lite versions 4.0.13.0 and earlier

Description An out-of-bounds read issue exists, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file.

Recommendations For V-Server versions 4.0.11.0 and earlier, update to a version later than 4.0.11.0 to resolve the issue. For V-Server Lite versions 4.0.13.0 and earlier, update to a version later than 4.0.13.0 to resolve the issue. As a temporary workaround, consider restricting the opening of image files from untrusted sources until a patch is available.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2022-30549

Affected Products

V-Server

V-Server Lite

PT-2022-20172 · V-Server+1 · V-Server+1

CVE-2022-30549

Weakness Enumeration

Related Identifiers

Affected Products

References · 6