0.001 Low
EPSS
Percentile
31.9%
mcpp is vulnerable to denial of service. The do_msg function in support.c does not handle the memory properly when a malicious input is provided, causing heap-based buffer overflows.
do_msg
support.c
lists.opensuse.org/opensuse-security-announce/2020-03/msg00032.html
lists.opensuse.org/opensuse-security-announce/2020-03/msg00038.html
github.com/zeroc-ice/mcpp/blob/ed6ccf48c35388f5d524f72bb70840a110b07d3d/support.c#L1661
security.gentoo.org/glsa/202208-04
sourceforge.net/p/mcpp/bugs/13/