Remote Code Execution (RCE)

2018-05-1408:57:38

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.004

Percentile

72.9%

JSON

libldns.so is vulnerable to remote code execution. A malicious user can pass a file to the ldns_fget_token_l in parse.c to cause a double-free, resulting in the application crashing or executing arbitrary code.

References

git.nlnetlabs.nl/ldns/commit/?id=c8391790

www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256

EPSS

0.004

Percentile

72.9%

JSON

Related for VERACODE:6291