Heap-based Buffer Overflow in Augeas Versions up to 1.8.0

Heap-based Buffer Overflow in Augeas Versions up to 1.8.0

CVE-2017-7555 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.

Learn more about our Web Application Penetration Testing UK.