Bloodshed Dev-C++ CPP Source File Buffer Overflow Vulnerability
BID:22315
Info
Bloodshed Dev-C++ CPP Source File Buffer Overflow Vulnerability
| Bugtraq ID: | 22315 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0643 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 30 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | The discovery of this issue is credited to shinnai <[email protected]>. |
| Vulnerable: |
Bloodshed Software Dev-C++ 4.9.9 .2 |
| Not Vulnerable: | |
Discussion
Bloodshed Dev-C++ CPP Source File Buffer Overflow Vulnerability
Bloodshed Dev-C++ is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users, and may be able to execute arbitrary machine code, but this has not been confirmed.
Bloodshed Dev-C++ version 4.9.9.2 is affected by this issue; other versions may also be vulnerable.
Bloodshed Dev-C++ is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users, and may be able to execute arbitrary machine code, but this has not been confirmed.
Bloodshed Dev-C++ version 4.9.9.2 is affected by this issue; other versions may also be vulnerable.
Exploit / POC
Bloodshed Dev-C++ CPP Source File Buffer Overflow Vulnerability
The following exploit code is available.
The following exploit code is available.
Solution / Fix
Bloodshed Dev-C++ CPP Source File Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Bloodshed Dev-C++ CPP Source File Buffer Overflow Vulnerability
References:
References:
- Dev-C++ Product Page (Bloodshed Software)