CVE-2022-35048 : OTFCC commit 617837b was discovered to contain a heap buffer overflow via /relea

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0b2c.

Published 2022-10-14 12:15:10

Updated 2025-05-15 16:15:24

Source MITRE

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2022-35048

Otfcc Project » Otfcc
Versions up to, including, (<=) 0.10.4
cpe:2.3:a:otfcc_project:otfcc:*:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 27 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	2.8	3.6	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-05-15
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: None Availability: High
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: None Availability: High

https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35048.md

Poc/CVE-2022-35048.md at main · Cvjark/Poc · GitHub
Exploit;Third Party Advisory
https://drive.google.com/file/d/18cCD_Z6TDbx9IDQQKq3ZTALMGWSl_qWH/view?usp=sharing

https://drive.google.com/file/d/18cCD_Z6TDbx9IDQQKq3ZTALMGWSl_qWH/view?usp=sharing
Not Applicable

Jump to