Vulnerability Details : CVE-2020-28371
An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write() method in FileOutputStream.java has a boundary check to prevent out-of-bounds memory read/write operations. However, an integer overflow leads to bypassing this check and achieving the out-of-bounds access. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
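The bounds-check pattern described above, as an added Java illustration that is not Avian's own FileOutputStream code: a check that adds offset and length wraps to a negative value for a very large length and accepts an out-of-bounds range, while the subtraction form rejects it. The method names, the sample buffer and the boolean return (standing in for the native write) are constructed for this example.

```java
// Illustration of the bug class in CVE-2020-28371; not Avian's code.
// Both methods model the bounds check of write(byte[] b, int offset, int length);
// the native copy is replaced by a boolean so the class runs stand-alone.
public final class BoundsCheckDemo {

    // Vulnerable pattern: offset + length is computed in 32-bit int arithmetic.
    // For offset = 1, length = Integer.MAX_VALUE the sum wraps to Integer.MIN_VALUE,
    // which is smaller than b.length, so the check passes and the write would
    // run past the end of the array.
    static boolean naiveCheck(byte[] b, int offset, int length) {
        if (offset < 0 || length < 0 || offset + length > b.length) {
            return false; // real code would throw IndexOutOfBoundsException here
        }
        return true;      // real code would proceed to the native write
    }

    // Hardened pattern: never add the two untrusted values. offset and length are
    // already known to be non-negative, so b.length - offset cannot overflow and
    // the comparison is exact. (Java 9+ offers Objects.checkFromIndexSize for this.)
    static boolean safeCheck(byte[] b, int offset, int length) {
        if (offset < 0 || length < 0 || offset > b.length || length > b.length - offset) {
            return false;
        }
        return true;
    }

    public static void main(String[] args) {
        byte[] buf = new byte[16];         // constructed sample buffer
        int offset = 1;
        int length = Integer.MAX_VALUE;    // offset + length wraps negative

        System.out.println("out-of-range request, naive check accepts: "
                + naiveCheck(buf, offset, length));
        System.out.println("out-of-range request, safe check accepts:  "
                + safeCheck(buf, offset, length));
        System.out.println("in-range request (4, 8), naive/safe: "
                + naiveCheck(buf, 4, 8) + " / " + safeCheck(buf, 4, 8));
    }
}
```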
Vulnerability category: Overflow
Products affected by CVE-2020-28371
- cpe:2.3:a:readytalk:avian:1.2.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-28371
- EPSS score: 0.22% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~59% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2020-28371
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | 
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 
CWE ids for CVE-2020-28371
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. (Assigned by: nvd@nist.gov, Primary)
- The product writes data past the end, or before the beginning, of the intended buffer. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2020-28371
- https://github.com/ReadyTalk/avian/commit/0871979b298add320ca63f65060acb7532c8a0dd
  Fix integer overflow leading to out-of-bounds read/write (ReadyTalk/avian@0871979 on GitHub). Tags: Patch; Third Party Advisory
- https://github.com/ReadyTalk/avian/pull/572
  Fix integer overflow leading to out-of-bounds read/write by polivar3 (ReadyTalk/avian Pull Request #572 on GitHub). Tags: Patch; Third Party Advisory