CVE-2019-25659: ASPRunner Professional Buffer Overflow (6.0.766)
Platform
php
Component
asprunner-professional
CVE-2019-25659 is a local buffer overflow vulnerability discovered in ASPRunner Professional. This flaw allows an attacker to trigger a denial of service by providing an excessively long project name during project creation, leading to an application crash. The vulnerability affects version 6.0.766. As of the last update, no official patch is available to address this issue.
How to fix
No official patch available. Check for workarounds or monitor for updates.
Frequently asked questions
What is CVE-2019-25659?
CVE-2019-25659 is a buffer overflow vulnerability in ASPRunner Professional 6.0.766. It allows an attacker to cause a denial of service by entering a very long project name (180+ characters) when creating a new project.
Am I affected by CVE-2019-25659?
You are affected if you are using ASPRunner Professional version 6.0.766. Versions prior to and after this specific version are not known to be vulnerable.
How can I fix or mitigate CVE-2019-25659?
No official patch is currently available for CVE-2019-25659. As a mitigation, restrict the length of the project name field or implement input validation to prevent excessively long strings from being entered.