GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
References
Configurations
History
07 Nov 2023, 03:33
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-04-07 12:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-30184
Mitre link : CVE-2021-30184
CVE.ORG link : CVE-2021-30184
JSON object : View
Products Affected
gnu
- chess
fedoraproject
- fedora
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')