An issue exists in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows malicious users to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu pspp 1.6.2 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |