CVE-2010-3444
EPSS 3.1%
描述
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original 2-byte UTF-8 sequences to be transformed into 3-byte sequences.
如何修補 CVE-2010-3444
要修補 CVE-2010-3444,請將受影響套件升級到下列已修補版本。
- Debian/pyfribidi—升級至 0.10.0-2 或更新版本
CVE-2010-3444 正在被利用嗎?
低 — EPSS 為 3.1%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 0.10.0-2