CVE-2019-15767
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
29/08/2019
Last modified:
07/11/2023
Description
In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
6.80
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:gnu:chess:6.2.5:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZA4UCVURQXNLUNFAMRLZBAFRHSEVC6Q/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TB4FURVE4C35UDXGAAHJL5NIHJQ3WDZT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGIICRUZRFAK5M7SNHZKR7SKE77SFKWE/
- https://lists.gnu.org/archive/html/bug-gnu-chess/2019-08/msg00004.html
- https://lists.gnu.org/archive/html/bug-gnu-chess/2019-08/msg00005.html