Buffer Overflow Vulnerability in Arduino JSON Library by Bblanchon
CVE-2015-4590

Currently unrated

Key Information:

Vendor

Arduino Json Project

Status
Arduino Json
Vendor
CVE Published:
22 June 2015

What is CVE-2015-4590?

In the Arduino JSON library, specifically in the extractFrom function within the Internals/QuotedString.cpp file, an exploitable buffer overflow vulnerability exists. This flaw is triggered when a JSON string containing a backslash followed by a terminator (such as '\0') is processed. Successful exploitation can lead to a denial of service, causing the library to crash, which may be exploitable by remote attackers through crafted JSON strings.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/bblanchon/ArduinoJson/commit/5e7b9ec68...
x_refsource_CONFIRM
https://github.com/bblanchon/ArduinoJson/pull/81
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2015/06/16/6
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.