Vulnerabilities > CVE-2022-1211 - Out-of-bounds Write vulnerability in Tildearrow Furnace Dev73

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

tildearrow

CWE-787

NVD

Published: 2022-04-03

Updated: 2022-04-12

Summary

A vulnerability classified as critical has been found in tildearrow Furnace dev73. This affects the FUR to VGM converter in console mode which causes stack-based overflows and crashes. It is possible to initiate the attack remotely but it requires user-interaction. A POC has been disclosed to the public and may be used.

Vulnerable Configurations

Part	Description	Count
Application	Tildearrow Tildearrow Furnace Dev73	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://drive.google.com/file/d/1h111beVcWG8F99jRffO7_HKYEhm7Qgvb/view?usp=sharing
https://vuldb.com/?id.196371
https://github.com/tildearrow/furnace/issues/325