CVE-2023-37578

{"id": "CVE-2023-37578", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-01-08T15:15:18.413", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html", "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt conversion utility."}, {"lang": "es", "value": "Existen m\u00faltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Una v\u00edctima necesitar\u00eda abrir un archivo malicioso para activar estas vulnerabilidades. Esta vulnerabilidad se refiere al use-after-free cuando se activa a trav\u00e9s de la utilidad de conversi\u00f3n vcd2lxt."}], "lastModified": "2024-04-09T21:15:12.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tonybybell:gtkwave:3.3.115:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C619471-C2FB-4A2C-894C-2562A6BA76DF"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}