Arbitrary Code Execution Vulnerability in Marvin Minsky's Universal Turing Machine Implementation

Arbitrary Code Execution Vulnerability in Marvin Minsky's Universal Turing Machine Implementation

CVE-2021-32471 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."

Learn more about our User Device Pen Test.