Headline
CVE-2015-10065: fixed overflow vulnerability · AenBleidd/FiND@ee2eef3
A vulnerability classified as critical was found in AenBleidd FiND. This vulnerability affects the function init_result of the file validator/my_validator.cpp. The manipulation leads to buffer overflow. The name of the patch is ee2eef34a83644f286c9adcaf30437f92e9c48f1. It is recommended to apply a patch to fix this issue. VDB-218458 is the identifier assigned to this vulnerability.
@@ -55,7 +55,8 @@ int init_result(RESULT & result, void*& data) { log_messages.printf(MSG_DEBUG, “Check result\n”);
char buff[256]; n = fscanf(f, "%s", buff); //n = fscanf(f, “%s", buff); fgets(buff, 256, f); char * pch; pch = strtok(buff, " ,”); if (pch != NULL) {