A buffer overrun has been discovered in Tripbit Secure Code Analizer when reading data from source files. The problem occurs due to an insecure use of the fgets() function. This vulnerability could be triggered by a malicious source file containing approximately 260 or more bytes of specially formatted data. This would effectively overrun the internal memory buffer, causing adjacent stack memory to be overwritten with attacker-supplied values. Successful exploitation of this vulnerability would result in attacker-supplied code being executed with the privileges of the user invoking Secure Code Analizer.
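The following is an added example, not code from Tripbit or from the original advisory: a line reader that keeps fgets() within its destination buffer and flags over-long lines instead of overrunning. The 256-byte buffer size, the function names and the sample input are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define LINE_CAP 256 /* assumed size; the advisory does not state the real one */

/* Weak pattern (shown as a comment only): the size handed to fgets() is larger
 * than the destination, so a line of ~260 bytes is written past the end of buf.
 *     char buf[LINE_CAP];
 *     fgets(buf, 1024, fp);
 */

/* Read one line into buf (capacity cap). Returns the number of bytes stored,
 * or -1 at EOF. *too_long is set when the line did not fit; the rest of that
 * line is discarded so the next call starts on a fresh line. */
static long read_line_bounded(FILE *fp, char *buf, size_t cap, int *too_long)
{
    *too_long = 0;
    if (cap < 2 || fgets(buf, (int)cap, fp) == NULL)
        return -1;
    size_t n = strlen(buf);
    if (n > 0 && buf[n - 1] == '\n') {
        buf[--n] = '\0';            /* complete line: strip the newline */
        return (long)n;
    }
    /* No newline stored: the line exceeded the buffer, or the file ended. */
    int c = fgetc(fp);
    if (c != EOF && c != '\n') {
        *too_long = 1;
        while ((c = fgetc(fp)) != EOF && c != '\n') { /* drain the remainder */ }
    }
    return (long)n;
}

/* Constructed input: a short line, a 300-byte line, a short line.
 * Returns how many lines were flagged as longer than the buffer. */
static int count_overlong_in_sample(void)
{
    FILE *fp = tmpfile();
    if (!fp) return -1;
    fputs("int main(void) { return 0; }\n", fp);
    for (int i = 0; i < 300; i++) fputc('A', fp);
    fputs("\nlast line\n", fp);
    rewind(fp);
    char buf[LINE_CAP];
    int flagged = 0, too_long;
    while (read_line_bounded(fp, buf, sizeof buf, &too_long) >= 0)
        flagged += too_long;        /* sizeof buf keeps size and buffer in sync */
    fclose(fp);
    return flagged;
}

int main(void) { printf("%d\n", count_overlong_in_sample()); return 0; }
```

Passing `sizeof buf` rather than a separate constant is what prevents the size argument from drifting away from the real buffer size.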