Heap Use-After-Free Vulnerability in Creolabs Gravity Version 1.0

Heap Use-After-Free Vulnerability in Creolabs Gravity Version 1.0

CVE-2017-1000172 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition.

Learn more about our Web Application Penetration Testing UK.