6.2

CVE-2025-65410

Exploit
A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Unrtf ProjectUnrtf Version0.21.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.2% 0.095
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.2 2.5 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

https://www.gnu.org/software/unrtf/
Product
https://lists.gnu.org/archive/html/bug-unrtf/2025-11/msg00001.html
Mailing List
https://savannah.gnu.org/projects/unrtf/
Product
https://hg.savannah.gnu.org/hgweb/unrtf/rev/a5d3b025a8b1
Broken Link
https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65410.md
Third Party Advisory
Exploit