CVE-2019-14745

In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables.
Configurations

Configuration 1

cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*

Information

Published : 2019-08-07 03:15

Updated : 2019-10-08 03:15


NVD link : CVE-2019-14745

Mitre link : CVE-2019-14745

Products Affected
No products.
CWE