Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
YottaDB 安全漏洞
Vulnerability Description
YottaDB是美国YottaDB公司的一个实时数据库。 YottaDB r1.32 和 V7.0-000 之前版本存在安全漏洞,攻击者可以调用 $Extract 来强制保存缓冲区大小的有符号整数采用较大的负数,然后将其用作堆栈上发生的 memcpy 调用的长度,从而导致缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A