202115 Feb
Vigil@nce - c-ares: use after free via ares_destroy
Type
General News
Source
Globalsecuritymag
Summary

Vigil@nce - c-ares: use after free via ares_destroy This bulletin was written by Vigil@nce : https://vigilance.fr/offer/Computer... Consequences: user access/rights, denial of service on service, denial of service on client. An attacker can force the usage of a freed memory area via ares_destroy() of c-ares, in order to trigger a denial of service, and possibly to run code.

Classifications
  • Security
  • HealthTech
  • General Healthcare software
  • Security Software
  • Data Management