Uninitialized Data in snprintf Call: Information Disclosure Vulnerability in QEMU 3.0.0

Uninitialized Data in snprintf Call: Information Disclosure Vulnerability in QEMU 3.0.0

CVE-2019-9824 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.

Learn more about our Web Application Penetration Testing UK.