Capstone-Engine: Security Vulnerabilities
Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-05-15
Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or possibly have unspecified other impact via a large value.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-03-16