Lucene search

Veracode Vulnerability DatabaseVERACODE:28900

HistoryJan 06, 2021 - 4:27 a.m.

Buffer Overflow

2021-01-0604:27:52

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

adplug

buffer overflow

cmtkloader::load()

mtk.cpp

remote attackers

heap-based

validation

software

EPSS

0.003

Percentile

70.6%

JSON

AdPlug is vulnerable to buffer overflow. Lack of validations in ‘CmtkLoader::load()’ in ‘mtk.cpp’ allows remote attackers to cause multiple heap-based buffer overflows.

References

bugzilla.redhat.com/show_bug.cgi?id=1778711

github.com/adplug/adplug/commit/8342139c09178823dba3f3bbd8b53d0ea0c72de9

github.com/adplug/adplug/issues/90

lists.fedoraproject.org/archives/list/[email protected]/message/Q32A64R2APAC5PXIMSYIEFDQX5AD4GAS/

lists.fedoraproject.org/archives/list/[email protected]/message/U3PW6PLDTPSQQRHKTU2FB72SUB4Q66NE/

EPSS

0.003

Percentile

70.6%

JSON

Related for VERACODE:28900