PT-2023-21768 · Rocket · Unidata+1
Ron Bowes
·
Published
2023-03-29
·
Updated
2023-04-06
·
CVE-2023-28508
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Rocket Software UniData versions prior to 8.2.4 build 3003
Rocket Software UniVerse versions prior to 11.3.5 build 1001
Rocket Software UniVerse versions prior to 12.2.1 build 2002
Description
The issue is a heap-based overflow vulnerability. Certain input can corrupt the heap and crash the forked process.
Recommendations
For Rocket Software UniData versions prior to 8.2.4 build 3003, update to version 8.2.4 build 3003 or later.
For Rocket Software UniVerse versions prior to 11.3.5 build 1001, update to version 11.3.5 build 1001 or later.
For Rocket Software UniVerse versions prior to 12.2.1 build 2002, update to version 12.2.1 build 2002 or later.
Fix
Memory Corruption
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Unidata
Universe