6 matches found
CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
Type confusion
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
CVE-2023-42464
The CVE-2023-42464 entry concerns a Type Confusion in Netatalk 3.1.x before 3.1.17, specifically in Spotlight RPC parsing where a key–value dictionary’s values are not properly type-checked by dalloc_value_for_key(), allowing a malicious actor to fully control the pointer value and theoretically ...
CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
PT-2023-28357 · Netatalk +4 · Netatalk +4
Name of the Vulnerable Software and Affected Versions: Netatalk versions 3.1.x through 3.1.16 Description: A Type Confusion issue was found in the Spotlight RPC functions in afpd. The problem arises when parsing Spotlight RPC packets, specifically with a key-value style dictionary where keys are...