Vulnerabilities > CVE-2023-31470 - Out-of-bounds Write vulnerability in Pymumu Smartdns

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

pymumu

CWE-787

critical

NVD

Published: 2023-04-28

Updated: 2024-11-21

Summary

SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the _dns_encode_domain function in the dns.c file, via a crafted DNS request.

Vulnerable Configurations

Part	Description	Count
Application	Pymumu Pymumu Smartdns - Pymumu Smartdns 18 Pymumu Smartdns 20 Pymumu Smartdns 21 Pymumu Smartdns 22 Pymumu Smartdns 23 Pymumu Smartdns 24 Pymumu Smartdns 25 Pymumu Smartdns 26 Pymumu Smartdns 27 Pymumu Smartdns 28 Pymumu Smartdns 29 Pymumu Smartdns 30 Pymumu Smartdns 31 Pymumu Smartdns 32 Pymumu Smartdns 33 Pymumu Smartdns 34 Pymumu Smartdns 35 Pymumu Smartdns 36 Pymumu Smartdns 36.1 Pymumu Smartdns 37 Pymumu Smartdns 37.1 Pymumu Smartdns 37.2 Pymumu Smartdns 38 Pymumu Smartdns 38.1 Pymumu Smartdns 39 Pymumu Smartdns 40 Pymumu Smartdns 41	38

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References