본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7836 | Voiceye WSActiveBridgeES Stack Overflow Vulnerability2021.02.24
□ Overview
o Voiceye released security update to address buffer overflow vulnerability in WSActiveBridgeES.
Vulnerability Type Impact Severity CVSS Score CVE ID
Buffer overflow Code execution High 7.8 CVE-2020-7836
 
□ Description
o WSActiveBridgeES contains a stack-based buffer overflow vulnerability caused by improper bound checking parameter given by attack. It finally leads to a stack-based buffer overflow via access to crafted web page.
 
□ Affected Product
 
Product Version
WSActiveBridgeES 2.1.0.2 and prior

□ Solution
o Update software over WSActiveBridgeES 2.1.0.3 version
 
□ Acknowledgements
o Thanks to Jongsub Park for reporting this vulnerability
 


□ 작성 : 침해사고분석단 취약점분석팀