Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AT&T Labs Xmill 缓冲区错误漏洞
Vulnerability Description
AT&T Labs Xmill是美国AT&T Labs实验室的一种用于高效压缩 XML 数据的新工具。 AT&T Labs Xmill存在缓冲区错误漏洞,该漏洞的存在是由于memcpy中的命令行解析HandleFileArg功能中的边界错误。本地用户可以使用一个特别制作的命令行参数,触发内存损坏并在目标系统上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A