Published: 31/05/2019 Updated: 03/06/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

An issue exists in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to a one-byte out-of-bounds write in the gsym_addr function in x86_64-gen.c. This occurs because tccasm.c mishandles section switches.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tinycc tinycc 0.9.27

Debian Bug report logs - #929872 tcc: CVE-2019-12495 Package: src:tcc; Maintainer for src:tcc is Thomas Preud'homme <robotux@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 2 Jun 2019 09:03:02 UTC Severity: normal Tags: security, upstream Found in version tcc/0927-8 Forwarded to h ...

CWE-787 https://repo.or.cz/tinycc.git/commit/d04ce7772c2bc2781ab2502e0b1f1964488814b5 https://lists.nongnu.org/archive/html/tinycc-devel/2019-05/msg00044.html http://www.securityfocus.com/bid/108541 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929872 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-12495

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect