CVE-2020-17360
N/A
N/A
Summary
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of these checks, and out-of-bounds read/write. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://github.com/ReadyTalk/avian/issues
- http://seclists.org/fulldisclosure/2020/Aug/8
- http://seclists.org/fulldisclosure/2020/Sep/11
- http://seclists.org/fulldisclosure/2020/Sep/14
- http://seclists.org/fulldisclosure/2020/Sep/13
References
- https://github.com/ReadyTalk/avian/issues
- http://seclists.org/fulldisclosure/2020/Aug/8
- http://seclists.org/fulldisclosure/2020/Sep/11
- http://seclists.org/fulldisclosure/2020/Sep/14
- http://seclists.org/fulldisclosure/2020/Sep/13
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.