Security Advisory

CVE-2017-1000173

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-11-17 03:00:00
Last updated 2024-09-16 23:05:33
Assigner mitre
State PUBLISHED

Description

Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow.