6 matches found
EUVD-2015-4610
Malware in sbrugna...
Arduino JSON 'extractFrom' function denial of service vulnerability
Arduino JSON is a JSON library that runs on embedded systems. A security vulnerability in the 'extractFrom' function in the Internals/QuotedString.cpp script for Arduino JSON allows a remote attacker to submit a JSON string with a special termination character followed by the ' \ ' character afte...
Buffer overflow
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...
CVE-2015-4590
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...
CVE-2015-4590
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...
CVE-2015-4590
CVE-2015-4590 concerns the Arduino JSON library. The accessible details specify: in the library version before 4.5, the extractFrom function in Internals/QuotedString.cpp is vulnerable to a denial of service when processing a JSON string that contains a backslash followed by a terminator (e.g., "...