Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-3785.NASL
HistoryApr 10, 2024 - 12:00 a.m.

Debian dla-3785 : gtkwave - security update

2024-04-1000:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
debian 10
gtkwave 3.3.115
memory corruption
arbitrary code execution
integer overflow
buffer overflow
cve-2023-32650
cve-2023-34087
cve-2023-34436
cve-2023-35004
cve-2023-35057
cve-2023-35128
cve-2023-35702
cve-2023-35703
cve-2023-35704
cve-2023-35955
cve-2023-35956

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9

Confidence

High

EPSS

0.001

Percentile

33.6%

JSON

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3785 advisory.

  • An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-32650)

  • An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-34087)

  • An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-34436)

  • An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35004)

  • An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35057)

  • An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35128)

  • Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function. (CVE-2023-35702)

  • Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function. (CVE-2023-35703)

  • Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function. (CVE-2023-35704)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function LZ4_decompress_safe_partial. (CVE-2023-35955)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function fastlz_decompress. (CVE-2023-35956)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function uncompress. (CVE-2023-35957)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function fstFread. (CVE-2023-35958)

  • Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns .ghw decompression.
    (CVE-2023-35959)

  • Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in vcd_main. (CVE-2023-35960)

  • Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in vcd_recorder_main. (CVE-2023-35961)

  • Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the vcd2vzt utility. (CVE-2023-35962)

  • Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the vcd2lxt2 utility. (CVE-2023-35963)

  • Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the vcd2lxt utility. (CVE-2023-35964)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of FST_BL_VCDATA and FST_BL_VCDATA_DYN_ALIAS section types. (CVE-2023-35969)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of the FST_BL_VCDATA_DYN_ALIAS2 section type. (CVE-2023-35970)

  • An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35989)

  • An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35992)

  • Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part. (CVE-2023-35994)

  • Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1. (CVE-2023-35995)

  • Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0. (CVE-2023-35996)

  • Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 2 or more. (CVE-2023-35997)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of len in fstWritex when parsing the time table. (CVE-2023-36746)

  • Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of len in fstWritex when beg_time does not match the start of the time table.
    (CVE-2023-36747)

  • An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115.
    A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-36861)

  • An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-36864)

  • Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the chain_table array. (CVE-2023-36915)

  • Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the chain_table_lengths array. (CVE-2023-36916)

  • An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-37282)

  • Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI’s legacy VCD parsing code. (CVE-2023-37416)

  • Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI’s interactive VCD parsing code. (CVE-2023-37417)

  • Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. (CVE-2023-37418)

  • Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37419)

  • Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility. (CVE-2023-37420)

  • Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI’s default VCD parsing code. (CVE-2023-37442)

  • Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI’s legacy VCD parsing code. (CVE-2023-37443)

  • Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI’s interactive VCD parsing code. (CVE-2023-37444)

  • Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. (CVE-2023-37445)

  • Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37446)

  • Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility. (CVE-2023-37447)

  • Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI’s recoder (default) VCD parsing code. (CVE-2023-37573)

  • Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI’s legacy VCD parsing code. (CVE-2023-37574)

  • Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI’s interactive VCD parsing code. (CVE-2023-37575)

  • Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2vzt conversion utility. (CVE-2023-37576)

  • Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37577)

  • Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt conversion utility. (CVE-2023-37578)

  • Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
    A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2vzt conversion utility. (CVE-2023-37921)

  • Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
    A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37922)

  • Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
    A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt conversion utility. (CVE-2023-37923)

  • A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-38583)

  • Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the rows array. (CVE-2023-38618)

  • Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the msb array. (CVE-2023-38619)

  • Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the lsb array. (CVE-2023-38620)

  • Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the flags array. (CVE-2023-38621)

  • Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the len array. (CVE-2023-38622)

  • Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the vindex_offset array. (CVE-2023-38623)

  • Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. (CVE-2023-38648)

  • Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. (CVE-2023-38649)

  • Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero. (CVE-2023-38650)

  • Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. (CVE-2023-38651)

  • Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero. (CVE-2023-38652)

  • Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. (CVE-2023-38653)

  • An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-38657)

  • Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of- bounds write when looping over lt->numrealfacs. (CVE-2023-39234)

  • Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of- bounds write when looping over lt->num_time_ticks. (CVE-2023-39235)

  • Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the rows array. (CVE-2023-39270)

  • Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the msb array. (CVE-2023-39271)

  • Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the lsb array. (CVE-2023-39272)

  • Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the flags array. (CVE-2023-39273)

  • Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the len array. (CVE-2023-39274)

  • Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the value array. (CVE-2023-39275)

  • Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the string_pointers array. (CVE-2023-39316)

  • Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the string_lens array. (CVE-2023-39317)

  • Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation. (CVE-2023-39413)

  • Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation. (CVE-2023-39414)

  • Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. (CVE-2023-39443)

  • Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. (CVE-2023-39444)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3785. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(193132);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/10");

  script_cve_id(
    "CVE-2023-32650",
    "CVE-2023-34087",
    "CVE-2023-34436",
    "CVE-2023-35004",
    "CVE-2023-35057",
    "CVE-2023-35128",
    "CVE-2023-35702",
    "CVE-2023-35703",
    "CVE-2023-35704",
    "CVE-2023-35955",
    "CVE-2023-35956",
    "CVE-2023-35957",
    "CVE-2023-35958",
    "CVE-2023-35959",
    "CVE-2023-35960",
    "CVE-2023-35961",
    "CVE-2023-35962",
    "CVE-2023-35963",
    "CVE-2023-35964",
    "CVE-2023-35969",
    "CVE-2023-35970",
    "CVE-2023-35989",
    "CVE-2023-35992",
    "CVE-2023-35994",
    "CVE-2023-35995",
    "CVE-2023-35996",
    "CVE-2023-35997",
    "CVE-2023-36746",
    "CVE-2023-36747",
    "CVE-2023-36861",
    "CVE-2023-36864",
    "CVE-2023-36915",
    "CVE-2023-36916",
    "CVE-2023-37282",
    "CVE-2023-37416",
    "CVE-2023-37417",
    "CVE-2023-37418",
    "CVE-2023-37419",
    "CVE-2023-37420",
    "CVE-2023-37442",
    "CVE-2023-37443",
    "CVE-2023-37444",
    "CVE-2023-37445",
    "CVE-2023-37446",
    "CVE-2023-37447",
    "CVE-2023-37573",
    "CVE-2023-37574",
    "CVE-2023-37575",
    "CVE-2023-37576",
    "CVE-2023-37577",
    "CVE-2023-37578",
    "CVE-2023-37921",
    "CVE-2023-37922",
    "CVE-2023-37923",
    "CVE-2023-38583",
    "CVE-2023-38618",
    "CVE-2023-38619",
    "CVE-2023-38620",
    "CVE-2023-38621",
    "CVE-2023-38622",
    "CVE-2023-38623",
    "CVE-2023-38648",
    "CVE-2023-38649",
    "CVE-2023-38650",
    "CVE-2023-38651",
    "CVE-2023-38652",
    "CVE-2023-38653",
    "CVE-2023-38657",
    "CVE-2023-39234",
    "CVE-2023-39235",
    "CVE-2023-39270",
    "CVE-2023-39271",
    "CVE-2023-39272",
    "CVE-2023-39273",
    "CVE-2023-39274",
    "CVE-2023-39275",
    "CVE-2023-39316",
    "CVE-2023-39317",
    "CVE-2023-39413",
    "CVE-2023-39414",
    "CVE-2023-39443",
    "CVE-2023-39444"
  );

  script_name(english:"Debian dla-3785 : gtkwave - security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the
dla-3785 advisory.

  - An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave
    3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A
    victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-32650)

  - An improper array index validation vulnerability exists in the EVCD var len parsing functionality of
    GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger this vulnerability. (CVE-2023-34087)

  - An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger this vulnerability. (CVE-2023-34436)

  - An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger this vulnerability. (CVE-2023-35004)

  - An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality
    of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to
    open a malicious file to trigger this vulnerability. (CVE-2023-35057)

  - An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality
    of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to
    open a malicious file to trigger this vulnerability. (CVE-2023-35128)

  - Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of
    GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    fstReaderVarint32 function. (CVE-2023-35702)

  - Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of
    GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    fstReaderVarint64 function. (CVE-2023-35703)

  - Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of
    GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    fstReaderVarint32WithSkip function. (CVE-2023-35704)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
    functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the decompression function `LZ4_decompress_safe_partial`. (CVE-2023-35955)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
    functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the decompression function `fastlz_decompress`. (CVE-2023-35956)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
    functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the decompression function `uncompress`. (CVE-2023-35957)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
    functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the copy function `fstFread`. (CVE-2023-35958)

  - Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression.
    (CVE-2023-35959)

  - Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in
    `vcd_main`. (CVE-2023-35960)

  - Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in
    `vcd_recorder_main`. (CVE-2023-35961)

  - Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt`
    utility. (CVE-2023-35962)

  - Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the
    `vcd2lxt2` utility. (CVE-2023-35963)

  - Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
    A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt`
    utility. (CVE-2023-35964)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types. (CVE-2023-35969)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the chain_table of the `FST_BL_VCDATA_DYN_ALIAS2` section type. (CVE-2023-35970)

  - An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger this vulnerability. (CVE-2023-35989)

  - An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of
    GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory
    corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35992)

  - Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the tdelta initialization part. (CVE-2023-35994)

  - Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the tdelta indexing when signal_lens is 1. (CVE-2023-35995)

  - Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the tdelta indexing when signal_lens is 0. (CVE-2023-35996)

  - Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the tdelta indexing when signal_lens is 2 or more. (CVE-2023-35997)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    handling of `len` in `fstWritex` when parsing the time table. (CVE-2023-36746)

  - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    handling of `len` in `fstWritex` when `beg_time` does not match the start of the time table.
    (CVE-2023-36747)

  - An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115.
    A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger this vulnerability. (CVE-2023-36861)

  - An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-36864)

  - Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the allocation of the `chain_table` array. (CVE-2023-36915)

  - Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation
    functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the allocation of the `chain_table_lengths` array. (CVE-2023-36916)

  - An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger this vulnerability. (CVE-2023-37282)

  - Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the GUI's legacy VCD parsing code. (CVE-2023-37416)

  - Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the GUI's interactive VCD parsing code. (CVE-2023-37417)

  - Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the vcd2vzt conversion utility. (CVE-2023-37418)

  - Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37419)

  - Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the vcd2lxt conversion utility. (CVE-2023-37420)

  - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    read when triggered via the GUI's default VCD parsing code. (CVE-2023-37442)

  - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    read when triggered via the GUI's legacy VCD parsing code. (CVE-2023-37443)

  - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    read when triggered via the GUI's interactive VCD parsing code. (CVE-2023-37444)

  - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the vcd2vzt conversion utility. (CVE-2023-37445)

  - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37446)

  - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
    GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
    write when triggered via the vcd2lxt conversion utility. (CVE-2023-37447)

  - Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
    3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
    triggered via the GUI's recoder (default) VCD parsing code. (CVE-2023-37573)

  - Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
    3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
    triggered via the GUI's legacy VCD parsing code. (CVE-2023-37574)

  - Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
    3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
    triggered via the GUI's interactive VCD parsing code. (CVE-2023-37575)

  - Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
    3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
    triggered via the vcd2vzt conversion utility. (CVE-2023-37576)

  - Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
    3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
    triggered via the vcd2lxt2 conversion utility. (CVE-2023-37577)

  - Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
    3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
    triggered via the vcd2lxt conversion utility. (CVE-2023-37578)

  - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
    A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when
    triggered via the vcd2vzt conversion utility. (CVE-2023-37921)

  - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
    A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when
    triggered via the vcd2lxt2 conversion utility. (CVE-2023-37922)

  - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
    A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when
    triggered via the vcd2lxt conversion utility. (CVE-2023-37923)

  - A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of
    GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need
    to open a malicious file to trigger this vulnerability. (CVE-2023-38583)

  - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `rows` array. (CVE-2023-38618)

  - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `msb` array. (CVE-2023-38619)

  - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `lsb` array. (CVE-2023-38620)

  - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `flags` array. (CVE-2023-38621)

  - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `len` array. (CVE-2023-38622)

  - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
    malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `vindex_offset` array. (CVE-2023-38623)

  - Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression
    functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the out-of-bounds write perfomed by the prefix copy loop. (CVE-2023-38648)

  - Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression
    functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A
    victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
    the out-of-bounds write perfomed by the string copy loop. (CVE-2023-38649)

  - Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing
    functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    integer overflow when num_time_ticks is not zero. (CVE-2023-38650)

  - Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing
    functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    integer overflow when num_time_ticks is zero. (CVE-2023-38651)

  - Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing
    functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    integer overflow when num_time_ticks is not zero. (CVE-2023-38652)

  - Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing
    functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    integer overflow when num_time_ticks is zero. (CVE-2023-38653)

  - An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger this vulnerability. (CVE-2023-38657)

  - Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality
    of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would
    need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-
    bounds write when looping over `lt->numrealfacs`. (CVE-2023-39234)

  - Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality
    of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would
    need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-
    bounds write when looping over `lt->num_time_ticks`. (CVE-2023-39235)

  - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `rows` array. (CVE-2023-39270)

  - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `msb` array. (CVE-2023-39271)

  - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `lsb` array. (CVE-2023-39272)

  - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `flags` array. (CVE-2023-39273)

  - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `len` array. (CVE-2023-39274)

  - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `value` array. (CVE-2023-39275)

  - Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `string_pointers` array. (CVE-2023-39316)

  - Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave
    3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
    a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
    allocating the `string_lens` array. (CVE-2023-39317)

  - Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation
    functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    integer underflow when performing the left shift operation. (CVE-2023-39413)

  - Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation
    functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim
    would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
    integer underflow when performing the right shift operation. (CVE-2023-39414)

  - Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A
    specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious
    file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the
    prefix copy loop. (CVE-2023-39443)

  - Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A
    specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious
    file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the
    string copy loop. (CVE-2023-39444)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/gtkwave");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-32650");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-34087");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-34436");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35004");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35057");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35128");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35702");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35703");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35704");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35955");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35956");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35957");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35958");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35959");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35960");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35961");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35962");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35963");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35964");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35969");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35970");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35989");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35992");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35994");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35995");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35996");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35997");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36746");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36747");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36861");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36864");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36915");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36916");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37282");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37416");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37417");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37418");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37419");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37420");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37442");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37443");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37444");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37445");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37446");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37447");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37573");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37574");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37575");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37576");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37577");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37578");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37921");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37922");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37923");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38583");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38618");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38619");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38620");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38621");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38622");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38623");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38648");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38649");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38650");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38651");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38652");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38653");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38657");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39234");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39235");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39270");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39271");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39272");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39273");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39274");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39275");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39316");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39317");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39413");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39414");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39443");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39444");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/gtkwave");
  script_set_attribute(attribute:"solution", value:
"Upgrade the gtkwave packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-39444");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/04/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gtkwave");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(10)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '10.0', 'prefix': 'gtkwave', 'reference': '3.3.98+really3.3.118-0+deb10u1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var _release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (_release && prefix && reference) {
    if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gtkwave');
}

References

Related

openvas 4
debian 2
osv 2
fedora 2
nessus 3
talosblog 1
talos 26
prion 18
veracode 20
cvelist 23
ubuntucve 25
nvd 25
debiancve 26
cve 20
cnvd 2
openvas
openvas
Fedora: Security Advisory for gtkwave (FEDORA-2024-c990070fa4)
2024-01-18 00:00:00
Debian: Security Advisory (DSA-5653-1)
2024-04-04 00:00:00
Debian: Security Advisory (DLA-3785-1)
2024-04-10 00:00:00
debian
debian
[SECURITY] [DSA 5653-1] gtkwave security update
2024-04-03 18:58:39
[SECURITY] [DLA 3785-1] gtkwave security update
2024-04-09 20:24:24
osv
osv
gtkwave - security update
2024-04-03 00:00:00
gtkwave - security update
2024-04-09 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: gtkwave-3.3.118-1.fc39
2024-01-18 01:47:12
[SECURITY] Fedora 38 Update: gtkwave-3.3.118-1.fc38
2024-01-18 01:26:33
nessus
nessus
Debian dsa-5653 : gtkwave - security update
2024-04-03 00:00:00
Fedora 38 : gtkwave (2024-c990070fa4)
2024-01-18 00:00:00
Fedora 39 : gtkwave (2024-2647382c5f)
2024-01-18 00:00:00
talosblog
talosblog
Critical vulnerability in ManageEngine could lead to file creation, dozens of other vulnerabilities disclosed by Talos to start 2024
2024-01-17 17:00:00
talos
talos
GTKWave VCD get_vartoken realloc use-after-free vulnerabilities
2024-01-08 00:00:00
GTKWave VCD var definition section out-of-bounds read vulnerabilities
2024-01-08 00:00:00
GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities
2024-01-08 00:00:00
prion
prion
Integer overflow
2024-01-08 15:15:00
Out-of-bounds
2024-01-08 15:15:00
Design/Logic Flaw
2024-01-08 15:15:00
veracode
veracode
Integer Overflow
2024-04-07 13:07:10
Improper Array Index Validation
2024-04-06 05:44:53
Use-After-Free
2024-04-16 08:59:11
cvelist
cvelist
CVE-2023-39444
2024-01-08 14:47:40
CVE-2023-37574
2024-01-08 14:47:51
CVE-2023-37447
2024-01-08 14:47:52
ubuntucve
ubuntucve
CVE-2023-39444
2024-01-08 00:00:00
CVE-2023-37577
2024-01-08 00:00:00
CVE-2023-39443
2024-01-08 00:00:00
nvd
nvd
CVE-2023-37282
2024-01-08 15:15:15
CVE-2023-37573
2024-01-08 15:15:17
CVE-2023-39443
2024-01-08 15:15:24
debiancve
debiancve
CVE-2023-39443
2024-01-08 15:15:24
CVE-2023-35057
2024-01-08 15:15:09
CVE-2023-37577
2024-01-08 15:15:18
cve
cve
CVE-2023-37577
2024-01-08 15:15:18
CVE-2023-37447
2024-01-08 15:15:17
CVE-2023-37419
2024-01-08 15:15:15
cnvd
cnvd
GTKWave buffer overflow vulnerability (CNVD-2024-04855)
2024-01-11 00:00:00
GTKWave Arbitrary Write Vulnerability (CNVD-2024-04852)
2024-01-11 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9

Confidence

High

EPSS

0.001

Percentile

33.6%

JSON
Related for DEBIAN_DLA-3785.NASL
openvas4debian2osv2fedora2nessus3talosblog1talos26prion18veracode20cvelist23ubuntucve25nvd25debiancve26cve20cnvd2