7.5
CVSSv2

CVE-2020-6072

Published: 24/03/2020 Updated: 26/03/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Videolabs libmicrodns could allow a remote malicious user to execute arbitrary code on the system, caused by the failure to check the rr_decode function's return value when parsing compressed labels in mDNS messages in the label-parsing functionality. By sending an mDNS message, an attacker could exploit this vulnerability to trigger a double free, leading to arbitrary code execution the system.

Vulnerability Trend

Affected Products

Vendor Product Versions
VideolabsLibmicrodns0.1.0