Description
A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.
References
https://cwe.mitre.org/data/definitions/122.html
Technical Description
https://github.com/radareorg/radare2-extras/pull/255
PatchThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 · Critical
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-07-14T22:15:10.490
3 years agoLast modified
2022-10-26T13:48:08.803
2 years ago