3 matches found
A vulnerability in the convert() and queryConvert() functions of the POCO collection of libraries for the C++ programming language allows a hacker to execute arbitrary code.
The vulnerability in the convert and queryConvert functions in POCO mobile phones is related to an integer overflow. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
Integer Overflow to Buffer Overflow
Overview: Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow in the UTF32Encoding::convert and UTF32Encoding::queryConvert methods.
Remediation: Upgrade poco to version 1.11.0 or higher.
References - GitHub Commit - GitHub Commit - GitHub Diff - GitHub Issue -...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...