Integer Overflow Vulnerability in demangle_template Function in GNU libiberty

Integer Overflow Vulnerability in demangle_template Function in GNU libiberty

CVE-2018-20673 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

Learn more about our Web Application Penetration Testing UK.