CVE-2018-25154

GNU Barcode 0.99 Buffer Overflow in Code 93 Encoding Mechanism

CVSS 8.5 HIGHEPSS 0.3%CWE-787

GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

The GNU Project | Free Software Foundation, Inc. · GNU Barcode

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://directory.fsf.org/wiki/Barcode https://www.exploit-db.com/exploits/44797 https://www.gnu.org/software/barcode/