CVE-2020-24753

Published: Sep 17, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder. An uncaught error while decoding CBOR Major Type 3 text strings leads to the use of an attacker-controllable uninitialized stack value. This can be used to modify memory, causing a crash or potentially exploitable heap corruption.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/objsys/oocborrt/commit/539851c66778f68a244633985f6f8d0df94ea3b3

x_refsource_MISC

https://warcollar.com/cve-2020-24753.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-24753

Description

Affected Products

References