Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FIS GT.M 缓冲区错误漏洞
Vulnerability Description
FIS GT.M是一个数据库平台。 FIS GT.M V7.0-000 之前版本存在安全漏洞,攻击者可以调用 $Extract 来强制保存缓冲区大小的有符号整数采用较大的负数,然后将其用作堆栈上发生的 memcpy 调用的长度,从而导致缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A