CVE-2021-22545
7.5
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Summary
An attacker can craft a specific IdaPro *.i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Google LLC | Bindiff | unspecified < 7.0 | affected |
Weaknesses
- CWE-416: CWE-416 Use After Free
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.