CVE-2017-2808

Published: 2017-09-05T18:29Z

Last Modified: 2024-11-21T03:24Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt