Denial of Service Vulnerability in radare2 1.3.0 via Crafted PE File

Denial of Service Vulnerability in radare2 1.3.0 via Crafted PE File

CVE-2017-7274 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.

Learn more about our Cms Pen Testing.