Heap Corruption Vulnerability in getCanonicalPath Function in Windows NT 4.0

Heap Corruption Vulnerability in getCanonicalPath Function in Windows NT 4.0

CVE-2003-0525 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method.

Learn more about our Cis Benchmark Audit For Ibm I.