Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

[VS-2019-002] Buffer Overflow in VMAC for Verix

CVE ID

CVE-2019-10060

CVSS Score

Pending

Vendor

Verifone, Inc.

Product

Verix Multi-app Conductor

Product Version

Ver. 2.7

Vulnerability Details

The Verix Multi-app Conductor application for Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability.

Credit

Fabius Watson of VerSprite Security (@FabiusArtrel)