A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-04T19:19:18.587Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3817

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-03-27T13:29:01.413

Modified: 2024-11-21T04:42:36.240

Link: CVE-2019-3817

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-01-21T00:00:00Z

Links: CVE-2019-3817 - Bugzilla

cve-icon OpenCVE Enrichment

No data.