3 matches found
CVE-2015-4590
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...
CVE-2015-4590
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...
CVE-2015-4590
CVE-2015-4590 concerns the Arduino JSON library. The accessible details specify: in the library version before 4.5, the extractFrom function in Internals/QuotedString.cpp is vulnerable to a denial of service when processing a JSON string that contains a backslash followed by a terminator (e.g., "...