Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
GTKWave 安全漏洞
Vulnerability Description
GTKWave是GTKWave公司的一款功能齐全、基于 GTK+ 的波形查看器。 GTKWave 3.3.115版本存在安全漏洞,该漏洞源于数组索引验证不正确。攻击者利用该漏洞通过特制的 .evcd 文件导致任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A