Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function.
Metrics
Affected Vendors & Products
References
History
Thu, 14 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2024-01-08T14:48:01.458Z
Updated: 2024-11-14T16:51:42.532Z
Reserved: 2023-06-15T13:56:19.639Z
Link: CVE-2023-35704
Vulnrichment
Updated: 2024-08-02T16:30:43.962Z
NVD
Status : Modified
Published: 2024-01-08T15:15:10.180
Modified: 2024-11-21T08:08:32.723
Link: CVE-2023-35704
Redhat
No data.