CVE-2021-26635
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Bandisoft International Inc. | ark library | unspecified <= 7.17 | affected |
Weaknesses
- CWE-121: CWE-121 Stack-based Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.