CVE-2023-28505

CVE-2023-28505: Buffer overflow in UniRPC library function

Vendor Rocket Software
Product UniData
Weakness CWE-120
Published March 29, 2023
Last update February 18, 2025

CVSS base score

What the vulnerability does

01Description

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to exploit.

Key dates

02Disclosure timeline

March 29, 2023 CVE published
February 18, 2025 Record updated