CVE-2023-39273
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Jan 8, 2024
Updated: Apr 9, 2024
CWE ID 190
Summary
CVE-2023-39273 is a critical vulnerability affecting GTKWave 3.3.115, where multiple integer overflow issues are identified in the LXT2 facgeometry parsing functionality. These vulnerabilities permit a maliciously crafted .lxt2 file to execute arbitrary code, posing a significant risk. The vulnerability specifically lies in the integer overflow that occurs during the allocation of the 'flags' array. Users are advised to upgrade to a patched version to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share