CVE-2023-28504: Stack buffer overflow in UniRPC library function

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-28504

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Stack buffer overflow in UniRPC library function

Source: NVD (National Vulnerability Database)

Vulnerability Description

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Rocket Software UniData 和 UniVerse 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Rocket Software UniVerse和Rocket Software UniData都是美国Rocket Software公司的产品。Rocket Software UniVerse是一套现在由 Rocket Software 拥有的数据库管理和支持软件。Rocket Software UniData是一个 MultiValue 应用程序平台。用于从 Rocket Software 开发快速、灵活和安全的应用程序。 Rocket Software UniData 和 UniVerse存在安全漏

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Rocket Software	UniData	0 ~ 8.2.43.3003	-
Rocket Software	UniVerse	0 ~ 11.3.5.1001	-

II. Public POCs for CVE-2023-28504

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-28504

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: UniData

Same vendor: Rocket Software

Same weakness: CWE-120

V. Comments for CVE-2023-28504

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2023-28504

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-28504

III. Intelligence Information for CVE-2023-28504

IV. Related Vulnerabilities

V. Comments for CVE-2023-28504

Leave a comment