radare2 is vulnerable to denial of service. A heap-based buffer over-read in the r_egg_lang_parsechar
function in egg_lang.c
due to lack of input length validation, allows a remote attacker to crash the application, or potentially execute arbitrary code in the system.
CPE | Name | Operator | Version |
---|---|---|---|
radare2:3.11 | eq | 3.9.0-r0 | |
radare2:3.11 | eq | 3.9.0-r0 |