First published: Mon Sep 19 2022(Updated: )
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x65fc97.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Otfcc Project Otfcc | =2022-06-03 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this OTFCC vulnerability is CVE-2022-35070.
The severity level of CVE-2022-35070 is medium, with a severity keyword of "medium" and a severity value of 6.5.
The software affected by CVE-2022-35070 is OTFCC version 2022-06-03.
The CWE ID for CVE-2022-35070 is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-787 (Out-of-bounds Write).
Yes, there are references available for CVE-2022-35070. You can find them at the following links: [Reference 1](https://drive.google.com/file/d/13_Iq4Uj3B4iz07N8qWYhx_bZd618F6YN/view?usp=sharing), [Reference 2](https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35070.md).