Heap Overflow Vulnerability in tinysvcmdns Library

Heap Overflow Vulnerability in tinysvcmdns Library

CVE-2017-12087 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.