Note: This project will be discontinued after December 13, 2021.
2020-08-12
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of these checks, and out-of-bounds read/write. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
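The class of defect described above, as an added example that is not Avian's code: a range check that adds offset and length in 32-bit arithmetic, next to a form that cannot wrap. All function names are hypothetical, and the `offset + length <= array_len` shape of the check is an assumption, since this entry does not quote the affected lines.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Illustration only: hypothetical names, not code from Avian's classpath-common.h. */

/* Two's-complement wrapping add, modelling a 32-bit sum that overflows silently
   (unsigned arithmetic avoids C's undefined signed overflow). */
static int32_t wrap_add(int32_t a, int32_t b) {
    return (int32_t)((uint32_t)a + (uint32_t)b);
}

/* Overflow-prone pattern: the sum can wrap negative and pass the comparison. */
bool range_ok_wrapping(int32_t offset, int32_t length, int32_t array_len) {
    return offset >= 0 && length >= 0 && wrap_add(offset, length) <= array_len;
}

/* Hardened pattern: compare length to the remaining space, so nothing is added. */
bool range_ok_safe(int32_t offset, int32_t length, int32_t array_len) {
    return offset >= 0 && length >= 0 && array_len >= 0 &&
           offset <= array_len && length <= array_len - offset;
}

/* Copy that validates source and destination ranges before touching memory. */
bool array_copy_checked(const int32_t *src, int32_t src_len, int32_t src_off,
                        int32_t *dst, int32_t dst_len, int32_t dst_off,
                        int32_t length) {
    if (!range_ok_safe(src_off, length, src_len) ||
        !range_ok_safe(dst_off, length, dst_len)) {
        return false; /* reject instead of reading or writing out of bounds */
    }
    memmove(dst + dst_off, src + src_off, (size_t)length * sizeof *src);
    return true;
}
```

The same review question applies to any copy routine that takes caller-supplied offsets and lengths: does the check add them before comparing, and in what integer width.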
Products | Avian |
Type | Out-of-bounds Read (CWE-125), Out-of-bounds Write (CWE-787), Integer Overflow or Wraparound (CWE-190) |
First patch | None (likely due to unavailable code) |
Links |
• http://seclists.org/fulldisclosure/2020/Aug/8
• http://seclists.org/fulldisclosure/2020/Sep/11
• http://seclists.org/fulldisclosure/2020/Sep/13
• http://seclists.org/fulldisclosure/2020/Sep/14
• https://github.com/ReadyTalk/avian/issues