Vulnerabilities > CVE-2020-13995 - Out-of-bounds Write vulnerability in Airforce Nitf Extract Utility 7.5

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

airforce

CWE-787

NVD

Published: 2020-09-25

Updated: 2022-05-03

Summary

U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DES_info or image_info. By controlling that pointer, one achieves an arbitrary write when its fields are assigned. The data written is from a potentially untrusted NITF file in the form of an integer. The attacker can gain control of the instruction pointer.

Vulnerable Configurations

Part	Description	Count
Application	Airforce Airforce Nitf Extract Utility 7.5	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.riverloopsecurity.com/blog/2020/09/nitf-extract75-cve-2020-13995/