Lucene search
Rapid7CVELIST:CVE-2023-28508HistoryMar 29, 2023 - 8:16 p.m.
CVE-2023-28508 Heap corruption in UniRPC service
2023-03-2920:16:46
CWE-120
rapid7
www.cve.org
heap corruption
unirpc service
unidata
universe
overflow vulnerability
heap-based
process crash
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "UniData",
"vendor": "Rocket Software",
"versions": [
{
"lessThan": "8.2.43.3003",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "UniVerse",
"vendor": "Rocket Software",
"versions": [
{
"lessThan": "11.3.5.1001",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "12.2.1.2002",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
cve
cve
CVE-2023-28508
2023-03-29 21:15:08
nvd
nvd
CVE-2023-28508
2023-03-29 21:15:08
prion
prion
Heap overflow
2023-03-29 21:15:00
rapid7blog
rapid7blog
Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)
2023-03-29 15:21:09