Stack-based buffer overflow in parseOperand function in radare2 prior to 3.1.1

Stack-based buffer overflow in parseOperand function in radare2 prior to 3.1.1

CVE-2018-20455 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456.

Learn more about our Web Application Penetration Testing UK.