CVE-2018-7039

CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect integer data type causing a negative third argument in some cases of crafted TLV data with inconsistent length information.
References
Link Resource
https://github.com/cn-uofbasel/ccn-lite/issues/191 Technical Description
Configurations

Configuration 1 (hide)

cpe:2.3:a:ccn-lite:ccn-lite:2.0.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-02-14 19:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-7039

Mitre link : CVE-2018-7039

CVE.ORG link : CVE-2018-7039


JSON object : View

Products Affected

ccn-lite

  • ccn-lite
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer