Mono : Security Vulnerabilities, CVEs, (Overflow)
Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action.
Max CVSS
5.8
EPSS Score
8.00%
Published
2011-04-13
Updated
2017-08-17
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.
Max CVSS
7.5
EPSS Score
2.00%
Published
2007-11-02
Updated
2018-10-30
2 vulnerabilities found