RSS   Podatności dla 'GPSD'   RSS

2019-03-13
 
CVE-2018-17937

CWE-119
 
 
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.

 
2014-02-06
 
CVE-2013-2038

CWE-20
 
 
The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability.

 

Copyright 2024, cxsecurity.com

 

Back to Top