6 matches found
CVE-2023-34401
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory...
CVE-2023-34401
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory...
CVE-2023-34401
CVE-2023-34401 affects Mercedes-Benz head-unit NTG6. USB-based profile import/export can process UD2-encoded files; missing size checks in enapsulate file enable an out-of-bounds read on the heap. Connected sources describe the vulnerability across multiple feeds (nvd/nvd-derived entries, Red Hat...
CVE-2023-34401
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory...
CVE-2023-34401
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory...
CVE-2023-34401
creationtimestamp| type| source ---|---|--- 2025-01-17 13:35:07+00:00| seen| https://poliverso.org/objects/0477a01e-45ff02b8-52616ac586aa8672 2025-02-13 23:15:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li3sxwqrai2a 2025-02-14 00:35:09+00:00| seen|...