CVE-2018-25154
8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| The GNU Project | Free Software Foundation, Inc. | GNU Barcode | 0.99 |
Weaknesses
- CWE-787: Out-of-bounds Write
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.exploit-db.com/exploits/44797
- https://www.gnu.org/software/barcode/
- https://directory.fsf.org/wiki/Barcode
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.