CVE-2016-6354

Published September 21st, 2016

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.

westes/flex

The Fast Lexical Analyzer - scanner generator for lexing in C and C++

GitHub

4.02K