CVE-2021-30184

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:chess:6.2.7:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Information

Published : 2021-04-07 12:15

Updated : 2021-05-04 13:35


NVD link : CVE-2021-30184

Mitre link : CVE-2021-30184


JSON object : View

Products Affected

gnu

  • chess

fedoraproject

  • fedora
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')