漏洞标题
libzvbi _vbi_strndup_iconv 整型溢出漏洞
漏洞描述信息
在libzvbi 0.2.43及之前版本中发现了一个漏洞,该漏洞被评定为存在问题。此问题影响到函数_vbi_strndup_iconv。该漏洞可能导致整数溢出。攻击者可能远程利用此漏洞。该漏洞的利用代码已公开,可能会被利用。升级到0.2.44版本可以解决此问题。建议升级受影响的组件。已提前通知代码维护人员有关此问题,她反应迅速且非常专业。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
整数溢出或超界折返
漏洞标题
libzvbi _vbi_strndup_iconv integer overflow
漏洞描述信息
A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
漏洞类别
整数溢出或超界折返