Vulnerabilities > CVE-2020-27797 - Release of Invalid Pointer or Reference vulnerability in UPX Project UPX 4.0.0

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
upx-project
CWE-763
NVD
Published: 2022-08-25
Updated: 2022-08-27

Summary

An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.

Vulnerable Configurations

Part Description Count
Application
Upx_Project
1

Common Weakness Enumeration (CWE)

References