CVE-2020-25066Out-of-bounds Write in TCP IP

CWE-787Out-of-bounds Write3 documents3 sources
Severity
9.8CRITICALNVD
CNA10.0
EPSS
3.7%
top 11.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Treck TCP IP
Timeline
PublishedDec 22
Latest updateMay 24

Description

A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDtreck/tcp_ip< 6.0.1.68

🔴Vulnerability Details

2
GHSA
GHSA-gjv5-9xrv-6pww: A heap-based buffer overflow in the Treck HTTP Server component before 62022-05-24
CVEList
CVE-2020-25066: A heap-based buffer overflow in the Treck HTTP Server component before 62020-12-22
CVE-2020-25066 — Out-of-bounds Write in Treck TCP IP | cvebase