Vulnerabilities > CVE-2016-4819 - Remote Code Execution vulnerability in DX Library Project DX Library 3.16B

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

dx-library-project

NVD

Published: 2016-06-19

Updated: 2016-06-23

Summary

The printfDx function in Takumi Yamada DX Library for Borland C++ 3.13f through 3.16b, DX Library for Gnu C++ 3.13f through 3.16b, and DX Library for Visual C++ 3.13f through 3.16b allows remote attackers to execute arbitrary code via a crafted string. <a href="http://cwe.mitre.org/data/definitions/134.html">CWE-134: Use of Externally-Controlled Format String</a>

Vulnerable Configurations

Part	Description	Count
Application	Dx_Library_Project DX Library Project DX Library 3.16B	3

References

http://dxlib.o.oo7.jp/dxvulnerability.html
http://jvn.jp/en/jp/JVN15205734/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000099