Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length.
Max CVSS
6.8
EPSS Score
10.13%
Published
2011-11-04
Updated
2016-12-08
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field.
Max CVSS
6.4
EPSS Score
11.17%
Published
2009-03-25
Updated
2009-05-15
2 vulnerabilities found