CVE-2023-52729

{"id": "CVE-2023-52729", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-05-04T22:15:46.717", "references": [{"url": "https://github.com/kashimAstro/SimpleNetwork/issues/23", "source": "cve@mitre.org"}, {"url": "https://github.com/kashimAstro/SimpleNetwork/issues/23", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\\0' to the end of long msg data. It can be exploited via crafted TCP packets."}, {"lang": "es", "value": "TCPServer.cpp en SimpleNetwork hasta 29bc615 tiene un error uno por uno que provoca un desbordamiento del b\u00fafer al intentar agregar '\\0' al final de datos de mensajes largos. Puede explotarse mediante paquetes TCP manipulados."}], "lastModified": "2024-11-21T08:40:27.670", "sourceIdentifier": "cve@mitre.org"}