CVE-2023-39273

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 8, 2024

Updated: Apr 9, 2024

CWE ID 190

Summary

CVE-2023-39273 is a critical vulnerability affecting GTKWave 3.3.115, where multiple integer overflow issues are identified in the LXT2 facgeometry parsing functionality. These vulnerabilities permit a maliciously crafted .lxt2 file to execute arbitrary code, posing a significant risk. The vulnerability specifically lies in the integer overflow that occurs during the allocation of the 'flags' array. Users are advised to upgrade to a patched version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sIDjEt
https://www.cve.org/CVERecord?id=CVE-2023-39273
https://nvd.nist.gov/vuln/detail/CVE-2023-39273

Back to Vulnerability Database

CVE-2023-39273

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations