Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Malformed PID_PROPERTY_LIST parameter in DATA submessage remotely crashes OpenDDS
Vulnerability Description
OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS crashes while parsing a malformed `PID_PROPERTY_LIST` in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage containing the malformed parameter to the known multicast port. This issue has been addressed in version 3.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Object Computing OpenDDS 输入验证错误漏洞
Vulnerability Description
Object Computing OpenDDS是美国Object Computing公司的一个用于 C++ 和 Java 应用程序的开源中间件框架。 OpenDDS 3.25之前版本存在输入验证错误漏洞,该漏洞源于解析DATA子消息中存在错误,攻击者可以通过向已知的端口发送包含格式错误参数的DATA子消息来远程破坏OpenDDS进程。
CVSS Information
N/A
Vulnerability Type
N/A