CVE-2017-7555

Summary

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.

Affected Software

VendorProductVersion RangeStatus
Red Hat, Inc.augeasup to and including 1.8.0affected

Weaknesses

  • CWE-122: CWE-122

ADP Enrichment

CVE Program Container

Additional References

References