CVE-2023-23456

Published: 12/01/2023 Updated: 19/04/2024

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

A heap-based buffer overflow issue exists in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an malicious user to cause a denial of service (abort) via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
upx project upx
fedoraproject fedora 36
fedoraproject fedora 37

Debian Bug report logs - #1033258 upx-ucl: CVE-2023-23456 Package: src:upx-ucl; Maintainer for src:upx-ucl is Robert Luberda <robert@debianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Mon, 20 Mar 2023 19:27:01 UTC Severity: grave Tags: security, upstream Forwarded to githubcom/upx/upx/is ...

CWE-787 https://bugzilla.redhat.com/show_bug.cgi?id=2160381 https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4 https://github.com/upx/upx/issues/632 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033258 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-23456

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect