An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud server to trigger this vulnerability.
References
Link | Resource |
---|---|
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0683 | Exploit Third Party Advisory |
Configurations
Information
Published : 2019-01-03 14:29
Updated : 2022-04-19 11:15
NVD link : CVE-2018-4012
Mitre link : CVE-2018-4012
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
webroot
- brightcloud