8 matches found
Debian dla-3785 : gtkwave - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3785 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3785-1 [email protected]...
Debian dsa-5653 : gtkwave - security update
The remote Debian 11 / 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5653 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5653...
Fedora 39 : gtkwave (2024-2647382c5f)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2647382c5f advisory. Cumulative bug-fix update. This update includes fixes for multiple security issues found by Talos in which specially crafted input files could lead ...
CVE-2023-35704
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
CVE-2023-35704
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
CVE-2023-35704
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
CVE-2023-35704
CVE-2023-35704 affects GTKWave, a waveform viewer for VCD files. The vulnerability stems from the FST LEB128 varint handling in the function fstReaderVarint32WithSkip , causing stack-based buffer overflow that can enable arbitrary code execution when opening a crafted .fst file. The CVE is associ...
GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1783 GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35704,CVE-2023-35703,CVE-2023-35702 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of...