Rom Walton » Boinc : Security Vulnerabilities, CVEs,

CVE-2013-7386

Format string vulnerability in the PROJECT::write_account_file function in client/cs_account.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the gui_urls item in an account file.
Max CVSS
5.0
EPSS Score
1.29%
Published
2014-06-02
Updated
2014-06-03

CVE-2013-2298

Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.
Max CVSS
9.3
EPSS Score
0.79%
Published
2014-06-02
Updated
2017-08-29

CVE-2013-2019

Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements.
Max CVSS
9.3
EPSS Score
0.63%
Published
2014-06-02
Updated
2017-08-29

CVE-2011-5280

Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service (crash) via a long trickle-up to (1) client/cs_trickle.cpp or (2) db/db_base.cpp.
Max CVSS
5.0
EPSS Score
0.36%
Published
2014-06-02
Updated
2014-06-03
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close