Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
AT&T Labs Xmill 缓冲区错误漏洞
Vulnerability Description
AT&T Labs Xmill是美国AT&T Labs实验室的一种用于高效压缩 XML 数据的新工具。 AT&T Labs Xmill 0.7 的 XML Decompression DecodeTreeBlock 功能中存在安全漏洞,攻击者可以提供特制的 XMI 文件导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A