CVE-2010-4743 — Out-of-bounds Write in Abcm2ps

CWE-787 — Out-of-bounds Write5 documents5 sources

Severity

6.8MEDIUMNVD

OSV7.5

EPSS

4.1%

top 11.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Abcm2ps Project Abcm2ps Moinejf Abcm2ps Debian Abcm2ps +1 more

Timeline

PublishedFeb 18

Latest updateMay 13

Description

Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/abcm2ps< abcm2ps 5.9.22-1 (bookworm)

▶NVDmoinejf/abcm2ps< 5.9.13

▶Debianabcm2ps_project/abcm2ps< 5.9.22-1+3

Also affects: Fedora 13, 14

Patches

Patch: bugs.debian.org ↗Patch: bugs.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-hh8f-g344-97jg: Heap-based buffer overflow in the getarena function in abc2ps↗2022-05-13

▶

OSV

CVE-2010-4743: Heap-based buffer overflow in the getarena function in abc2ps↗2011-02-18

▶

📋Vendor Advisories

Debian

CVE-2010-4743: abcm2ps - Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps befor...↗2010

▶

💬Community

Bugzilla

CVE-2010-4743 CVE-2010-4744 Abcm2ps v5.9.13: Multiple security vulnerabilities↗2010-06-05

▶