Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application crash by NULL pointer dereference) or possibly have unspecified other impact by crafting certain WebAssembly files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WAVM 安全漏洞
Vulnerability Description
WAVM是一款WebAssembly虚拟机。 WAVM 2018-09-16之前版本中存在安全漏洞,该漏洞源于Programs/wavm/wavm.cpp文件的‘run’函数没有检测Emscripten内存是否存有命令行参数。攻击者可通过构造WebAssembly文件利用该漏洞造成拒绝服务(空指针逆向引用和应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A