CVE-2012-6089

Description

Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.

Affected packages (1)

• Debian/swi-prologfrom 0, < 5.10.4-5

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-6089