The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
radare radare2 1.2.1 |