gsoap: Stack-based buffer overflow when receieving XML message with size larger than 2GB (CVE-2017-9765)
A buffer overflow can cause an open unsecured server to crash after 2GB
(greater than 2147483711 bytes
to trigger the software bug)) XML message is received.
Fixed In Version:
gsoap 2.8.48
References:
https://www.genivia.com/advisory.html
http://openwall.com/lists/oss-security/2017/07/19/7
(from redmine: issue id 7568, created on 2017-07-20, closed on 2017-08-04)
- Relations:
- child #7569 (closed)
- child #7570 (closed)