Buffer Overflow Vulnerability in jio_snprintf() and jio_vsnprintf() Methods in Eclipse OpenJ9
CVE-2018-12547 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.
Learn more about our Api Penetration Testing.