CVE-2022-34295
6.5MEDIUMtotd before 1.5.3 does not properly randomize mesg IDs.
게시됨: 6/23/2022업데이트됨: 11/21/2024
설명
totd before 1.5.3 does not properly randomize mesg IDs.
AI 분석AI 기반
영향받는 제품
totd_projecttotd
참조
- http://www.hit.bme.hu/~lencse/publications/JCST-Apr14-2.pdfExploitTechnical DescriptionThird Party Advisory
- https://github.com/fwdillema/totd/commit/afd8a10a6a21f82a70940d1b43cff48143250399PatchThird Party Advisory
- https://github.com/fwdillema/totd/releases/tag/1.5.3PatchRelease NotesThird Party Advisory
- https://www.usenix.org/conference/usenixsecurity22/presentation/jeitnerVendor Advisory
- http://www.hit.bme.hu/~lencse/publications/JCST-Apr14-2.pdfExploitTechnical DescriptionThird Party Advisory
- https://github.com/fwdillema/totd/commit/afd8a10a6a21f82a70940d1b43cff48143250399PatchThird Party Advisory
- https://github.com/fwdillema/totd/releases/tag/1.5.3PatchRelease NotesThird Party Advisory
- https://www.usenix.org/conference/usenixsecurity22/presentation/jeitnerVendor Advisory