The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
c-ares project c-ares 1.11.0 |
||
c-ares c-ares 1.9.1 |
||
c-ares c-ares 1.8.0 |
||
c-ares c-ares 1.10.0 |
||
c-ares c-ares 1.9.0 |
||
c-ares c-ares 1.12.0 |
||
nodejs node.js |