CVE-2018-4012

An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud server to trigger this vulnerability.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:webroot:brightcloud:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-01-03 22:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-4012

Mitre link : CVE-2018-4012

CVE.ORG link : CVE-2018-4012


JSON object : View

Products Affected

webroot

  • brightcloud
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer