CVE-2023-35969

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 8, 2024
Updated: Jan 16, 2024
CWE ID 119
CWE ID 787

Summary

Multiple heap-based buffer overflow vulnerabilities have been discovered in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. These vulnerabilities, identified as CVE-2023-35969, can be exploited through a specially crafted .fst file, potentially leading to arbitrary code execution. The affected products include GTKWave 3.3.115. To remediate this vulnerability, users are advised to update to the latest version of GTKWave or apply any available patches or security updates. The danger posed by this vulnerability is categorized as high, with a base severity score of 7.8 out of 10 and potential impact on confidentiality and integrity being rated as high as well. It should be noted that exploitation requires user interaction and the attack vector is local in nature.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-35969 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options