RSS   Vulnerabilities for 'Gypsy'   RSS

2012-08-13
 
CVE-2011-0524

CWE-119
 

 
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.

 
 
CVE-2011-0523

CWE-264
 

 
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top