Vulnerabilities

CVE-2021-21828

by Fred · 20/08/2021

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability.

Date published : 2021-08-20

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1291

Similar

Tags: Cybersecurity Alert