ChaiScript 6.1.0 allows memory corruption via local exploitation

Summary

A security flaw in ChaiScript 6.1.0 can be exploited by a local attacker to corrupt memory. This means an attacker can potentially cause a crash or malicious behavior in a system using an affected version. Until the issue is addressed by the ChaiScript developers, it's a good idea to update to a fixed version or consider alternative solutions.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
chaiscript	chaiscript	<= 6.1.0	–

Original title

A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::Boxed_Number::get_as of the file include/chaiscript/dispatchkit/boxed_number.hpp. Per...

Original description

A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::Boxed_Number::get_as of the file include/chaiscript/dispatchkit/boxed_number.hpp. Performing a manipulation results in memory corruption. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

nvd CVSS2.0 1.7

nvd CVSS3.1 5.5

nvd CVSS4.0 4.8

Vulnerability type

CWE-119 Buffer Overflow

CWE-787 Out-of-bounds Write

https://github.com/ChaiScript/ChaiScript/ Product
https://github.com/ChaiScript/ChaiScript/issues/635 Issue Tracking
https://github.com/ChaiScript/ChaiScript/issues/635#issue-3828258513 Issue Tracking
https://vuldb.com/?ctiid.348268 Permissions Required VDB Entry
https://vuldb.com/?id.348268 Third Party Advisory VDB Entry
https://vuldb.com/?submit.761301 Third Party Advisory VDB Entry