CVE-2022-35059
An overflow was discovered in OTFCC commit 617837b that was used in an exploit.
The issue was addressed by not allowing the dumping of heap data. In addition, OTFCC commit d54cb8e was discovered to contain a stack buffer overflow via /release-x64/otfccdump+0x6c019a.
The issue was addressed by updating OTFCC to be compatible with the latest stable release. In addition, a race condition was discovered in the input validation of OTFCC commit a3d7d2a. An attacker could exploit this to cause OTFCC to crash the application.
CVE References Severity Updated Acknowledgements 2018-10-01 4.3 High OTFCC PR-2018-1685
Summary
CVE-2021-35058
The issue was addressed by updating OTFCC to be compatible with the latest stable release. In addition, a race condition was discovered in the input validation of OTFCC commit a3d7d2a. An attacker could exploit this to cause OTFCC to crash the application.
Timeline
Published on: 10/14/2022 12:15:00 UTC
Last modified on: 10/15/2022 02:14:00 UTC