CVE-2004-1258Improper Restriction of Operations within the Bounds of a Memory Buffer in Abcm2ps

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
4.9%
top 10.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Abcm2ps Project Abcm2psDebian Abcm2psMoinejf Abcm2ps
Timeline
PublishedJan 10
Latest updateApr 29

Description

Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

debiandebian/abcm2ps< abcm2ps 4.8.5-1 (bookworm)
Debianabcm2ps_project/abcm2ps< 4.8.5-1+3
NVDmoinejf/abcm2ps3.7.20

🔴Vulnerability Details

2
GHSA
GHSA-c4fg-crf2-687w: Buffer overflow in the put_words function in subs2022-04-29
OSV
CVE-2004-1258: Buffer overflow in the put_words function in subs2005-01-10

📋Vendor Advisories

1
Debian
CVE-2004-1258: abcm2ps - Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows re...2004