Buffer overflow in Att Xmill
CVE-2021-21813
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer wit…
Vulnerability class: Buffer Overflow
EPSS: 0.003 (25.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Att Xmill — versions 0.7
- N/a At&t — versions AT&T Labs Xmill 0.7
Weakness classification (CWE)
References
- talos-cna@cisco.com (Exploit, Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-21813?
- CVE-2021-21813 is a high-severity vulnerability in Att Xmill, classified under Out-of-bounds Write. CVSS score: 7.8/10. Published 2021-08-13.
- How severe is CVE-2021-21813?
- High severity. CVSS v3 base score is 7.8 out of 10.