Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
R 3.4.4 Windows x64 Buffer Overflow SEH DEP ASLR Bypass
Vulnerability Description
R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus preference to trigger a structured exception handler chain pivot and execute arbitrary shellcode with application privileges.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
R 安全漏洞
Vulnerability Description
R是The R Foundation基金会的一个统计计算软件。 R 3.4.4版本存在安全漏洞,该漏洞源于GUI首选项语言菜单字段存在缓冲区溢出,可能导致本地攻击者绕过DEP和ASLR保护并执行任意shellcode。
CVSS Information
N/A
Vulnerability Type
N/A