Vulnerabilities > CVE-2018-17174 - Out-of-bounds Write vulnerability in Nmealib Project Nmealib 0.5.3

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
nmealib-project
CWE-787

Summary

A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.

Vulnerable Configurations

Part Description Count
Application
Nmealib_Project
1

Common Weakness Enumeration (CWE)