Cryptopp Crypto++ 5.6.4 exploit Remote Code Execution Vulnerability
Summary
Credit:
The information has been provided by John Byrd .
The original article can be found at: http://www.securityfocus.com/bid/93164
Details
Vulnerable Systems:
* Cryptopp Crypto++ 5.6.4
Crypto++ 5.6.4 incorrectly uses Microsoft’s stack-based _malloca and _freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed.
CVE Information:
CVE-2016-7798
Disclosure Timeline:
Publish Date : 2017-01-30
Last Update Date : 2017-02-07