Buffer Overflow Vulnerability in jio_snprintf() and jio_vsnprintf() Methods in Eclipse OpenJ9

Buffer Overflow Vulnerability in jio_snprintf() and jio_vsnprintf() Methods in Eclipse OpenJ9

CVE-2018-12547 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.

Learn more about our Api Penetration Testing.