JVN#16420523
SDoP vulnerable to stack-based buffer overflow
Overview
SDoP contains a stack-based buffer overflow vulnerability.
Products Affected
- SDoP versions prior to 1.11
Description
SDoP fails to appropriately handle some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability (CWE-121).
Impact
When a user of the affected product is tricked into processing a specially crafted XML file, arbitrary code may be executed in the user's environment.
Solution
Update the software
Update the software to the latest version according to the information provided by the developer.
The developer has committed a fix for the vulnerability to the SDoP repository and released it as version 1.11.
Vendor Status
Vendor | Link
---|---
Philip Hazel | GitHub SDoP, commit ff83d85: Prevent stack smashing if revisionflag is given a stupidly long value
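The fixing commit names the trigger: an overlong value for the revisionflag attribute smashed the stack. The following is an added illustration of that bug class (CWE-121) and of the bounded-copy fix, written for this page; it is not SDoP's code, and the 16-byte buffer size and the simplified tag format are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed illustration of CWE-121 in the shape the advisory describes
 * (an overlong revisionflag attribute value). Not SDoP's code; the buffer
 * size and the tag format are assumptions made for the example. */
#define REVFLAG_MAX 16

/* Locate revisionflag="..." in one start tag; return a pointer to the value
 * and store its length, or NULL if absent. Assumes a double-quoted value. */
static const char *find_revisionflag(const char *tag, size_t *len)
{
    const char *p = strstr(tag, "revisionflag=\"");
    if (!p) return NULL;
    p += strlen("revisionflag=\"");
    const char *q = strchr(p, '"');
    if (!q) return NULL;
    *len = (size_t)(q - p);
    return p;
}

/* Copy the attribute value into a caller-supplied fixed-size buffer.
 * The vulnerable shape of this routine is the same function without the
 * length check: memcpy(out, v, n) into a stack array of REVFLAG_MAX bytes
 * overwrites the stack as soon as n >= REVFLAG_MAX. Here the length is
 * bounded against the destination before any byte is copied and an
 * overlong value is rejected. Returns 1 if stored, 0 if rejected/absent. */
int store_revisionflag(const char *tag, char *out, size_t outsz)
{
    size_t n;
    const char *v = find_revisionflag(tag, &n);
    if (!v) return 0;
    if (n >= outsz) {                /* keep one byte for the terminator */
        fprintf(stderr, "revisionflag value too long (%zu bytes), ignored\n", n);
        return 0;                    /* out is left untouched */
    }
    memcpy(out, v, n);
    out[n] = '\0';
    return 1;
}

int main(void)
{
    char flag[REVFLAG_MAX];
    /* Constructed inputs: a short value is stored, an overlong one is refused. */
    int ok = store_revisionflag("<para revisionflag=\"changed\">", flag, sizeof flag);
    int bad = store_revisionflag("<para revisionflag=\"AAAAAAAAAAAAAAAAAAAA\">",
                                 flag, sizeof flag);
    printf("short: %d (%s), long: %d\n", ok, flag, bad);   /* short: 1 (changed), long: 0 */
    return 0;
}
```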
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Comment
Attack Complexity (AC) is evaluated as High, considering that exploit mitigations such as ASLR and stack canaries are now common in major OS environments.
Credit
Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership.
Other Information
Item | Reference
---|---
JPCERT Alert |
JPCERT Reports |
CERT Advisory |
CPNI Advisory |
TRnotes |
CVE | CVE-2024-41881
JVN iPedia | JVNDB-2024-000076