An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
References
Configurations
History
15 Sep 2022, 05:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CPE | cpe:2.3:a:gnu:pspp:1.6.2:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References |
|
|
References | (MISC) https://savannah.gnu.org/bugs/index.php?63000 - Exploit, Issue Tracking, Vendor Advisory |
06 Sep 2022, 04:07
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-05 05:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-39832
Mitre link : CVE-2022-39832
CVE.ORG link : CVE-2022-39832
JSON object : View
Products Affected
gnu
- pspp
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write