CVE-2017-12481 (NVD)

2017-08-04

The find_option function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Products Ledger
Type Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119)
First patch - None (likely due to unavailable code)
Links http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00031.html
http://bugs.ledger-cli.org/show_bug.cgi?id=1222