CVE-2017-7523

Summary

Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string.

Affected Software

VendorProductVersion RangeStatus
Red Hat, Inc.cygwinsince 1.7.2 up to 2.8.0affected

Weaknesses

  • CWE-787: CWE-787

ADP Enrichment

CVE Program Container

Additional References

References