25 matches found
CVE-2021-44503
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to vaarg on an empty variadic parameter list, most likely causing a memory segmentation fault...
CVE-2021-44501
CVE-2021-44501 affects FIS GT.M through V7.0-000 (YottaDB code base) where crafted input can make ZRead crash due to a NULL pointer dereference. Documented impact is crash; no explicit exploit details or patch/remediation are provided in the connected sources. Monitor for updates from GT.M/YottaD...
CVE-2021-44499
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that...
CVE-2021-44497
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, can cause the bounds of a for loop to be miscalculated, which leads to a use after free condition a pointer is pushed into previously free memory by the loop...
CVE-2021-44496
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...