Vulnerabilities > CVE-2018-16666 - Out-of-bounds Write vulnerability in Contiki-Ng Contiki-Ng.

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

contiki-ng

CWE-787

NVD

Published: 2018-09-07

Updated: 2020-08-24

Summary

An issue was discovered in Contiki-NG through 4.1. There is a stack-based buffer overflow in next_string in os/storage/antelope/aql-lexer.c while parsing AQL (parsing next string).

Vulnerable Configurations

Part	Description	Count
OS	Contiki-Ng Contiki NG Contiki NG. *	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/contiki-ng/contiki-ng/issues/595