A Buffer Overflow vulnerability in the khcrypt implementation in Google Earth Pro versions up to and including 7.3.2 allows an attacker to perform a Man-in-the-Middle attack using a specially crafted key to read data past the end of the buffer used to hold it. Mitigation: Update to Google Earth Pro 7.3.3.
References
Link | Resource |
---|---|
https://support.google.com/earth/answer/40901 | Vendor Advisory |
Configurations
Information
Published : 2020-05-04 13:15
Updated : 2020-05-08 08:45
NVD link : CVE-2020-8896
Mitre link : CVE-2020-8896
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
- earth