Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
eCosCentric eCosPro RTOS Integer Overflow or Wraparound
Vulnerability Description
eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc (an implementation of malloc). The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
eCosCentric eCosPro 输入验证错误漏洞
Vulnerability Description
eCosCentric eCosPro是美国eCosCentric公司的一个应用软件。将商业嵌入式应用程序开发所需的功能集,稳定性和 支持质量与eCos结合在一起。 eCosCentric eCosPro 2.0.1 版本到 4.5.3 版本存在输入验证错误漏洞,该漏洞源于未验证的内存分配可能导致任意的内存分配,从而导致基于堆的缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A