CVE-2021-30184

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.

Reference Links(if available):

  • https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00000.html
  • https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00001.html
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)