CVE-2018-20673

Sažetak

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

Reference

http://www.securityfocus.com/bid/106454
https://sourceware.org/bugzilla/show_bug.cgi?id=24039

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

04-01-2019 - 18:29