CVE-2023-2789

CVSS V2 None CVSS V3 None

Description

A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Overview

CVE ID
CVE-2023-2789

Assigner
cna@vuldb.com

Vulnerability Status
Received

Published Version
2023-05-18T13:15:09

Last Modified Date
2023-05-18T13:15:09

Weakness Enumerations

CWE	URL
CWE-404	http://cwe.mitre.org/data/definitions/404.html

References

Reference URL	Reference Tags
https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md
https://github.com/DaisyPo/fuzzing-vulncollect/files/11343936/poc-file.zip
https://vuldb.com/?ctiid.229373
https://vuldb.com/?id.229373

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-2789
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2789

History

Created	Old Value	New Value	Data Type	Notes
2023-05-18 14:00:42				Added to TrackCVE
2023-05-18 14:00:45			Weakness Enumeration	new