GNU Chess 6.2.7 allows malicious users to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu chess 6.2.7 |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |