CVE-2023-28508

Published: Mar 29, 2023

Modified: Feb 18, 2025

PUBLISHED

Description

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process.

Vendor	Product	Versions
Rocket Software	UniData	affected `0 - < 8.2.43.3003`
Rocket Software	UniVerse	affected `0 - < 11.3.5.1001` affected `0 - < 12.2.1.2002`

Weaknesses (CWE)

CWE-120

References

https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed/

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-28508

Description

Affected Products

Weaknesses (CWE)

References