2 matches found
GTKWave out-of-bounds write vulnerability (CNVD-2024-39639)
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An out-of-bounds write vulnerability exists in GTKWave version 3.3.115. The vulnerability stems from an out-of-bounds write to the VZT vztrdgetfacname decompression function, which can be exploited by an attacker to cause...
Integer overflow
Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...