Main Vulnerability Database Vulnerabilities #VU58100

Integer overflow in Safestring library - CVE-2021-33106

Published: November 10, 2021

Vulnerability identifier: #VU58100

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-33106

CWE-ID: CWE-190

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Safestring library

Software vendor:
Intel

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow. A local user can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system with elevated privileges.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00584.html

Integer overflow in Safestring library - CVE-2021-33106

Description

Remediation

External links

Please verify you're human