[Japanese] | |
JVNDB-2016-000001 | |
DX Library vulnerable to buffer overflow | |
Overview | |
DX Library is an open source library for creating Windows application. DX Library contains a buffer overflow vulnerability due to a flaw in processing an inner function CL_vsprintf(). | |
CVSS Severity (What is CVSS?) | |
CVSS V3 Severity:
Base Metrics 8.1 (High) [IPA Score]
CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
| |
Affected Products | |
| |
Takumi Yamada | |
| |
Impact | |
When processing a specially crafted string, an application built using DX Library may allow an arbitrary code to be executed with the privilege of the user running the application. | |
Solution | |
[Update DX Library and rebuild the application] | |
Vendor Information | |
Takumi Yamada | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2016/01/05 |
Date First Published | 2016/01/05 |
Date Last Updated | 2016/06/08 |